Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1049939?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "type": "deb", "namespace": "debian", "name": "glibc", "version": "2.31-9", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.36-8", "latest_non_vulnerable_version": "2.42-14", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62168?format=api", "vulnerability_id": "VCID-2gmq-64e3-c7db", "summary": "Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23218.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23218.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23218", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59469", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59476", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65785", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66885", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66886", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66912", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66934", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66967", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66947", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23218" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042013", "reference_id": "2042013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042013" }, { "reference_url": "https://security.gentoo.org/glsa/202208-24", "reference_id": "GLSA-202208-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:43Z/" } ], "url": "https://security.gentoo.org/glsa/202208-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0896", "reference_id": "RHSA-2022:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0896" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768", "reference_id": "show_bug.cgi?id=28768", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:43Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28768" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5310-2/", "reference_id": "USN-5310-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050172?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u3" } ], "aliases": [ "CVE-2022-23218" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2gmq-64e3-c7db" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43040?format=api", "vulnerability_id": "VCID-3hqs-jns2-puf2", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33599.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33599.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70205", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70102", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70116", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70094", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70141", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70157", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.7018", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70165", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70153", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70196", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277202", "reference_id": "2277202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277202" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/22/5" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005", "reference_id": "GLIBC-SA-2024-0005", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005" }, { "reference_url": "https://security.gentoo.org/glsa/202405-17", "reference_id": "GLSA-202405-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-17" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240524-0011/", "reference_id": "ntap-20240524-0011", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240524-0011/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2799", "reference_id": "RHSA-2024:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3309", "reference_id": "RHSA-2024:3309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3312", "reference_id": "RHSA-2024:3312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3339", "reference_id": "RHSA-2024:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3344", "reference_id": "RHSA-2024:3344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3411", "reference_id": "RHSA-2024:3411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3423", "reference_id": "RHSA-2024:3423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3464", "reference_id": "RHSA-2024:3464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3588", "reference_id": "RHSA-2024:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4126", "reference_id": "RHSA-2024:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4126" }, { "reference_url": "https://usn.ubuntu.com/6804-1/", "reference_id": "USN-6804-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6804-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2024-33599" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3hqs-jns2-puf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62165?format=api", "vulnerability_id": "VCID-6qa1-upks-g3dm", "summary": "Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3999.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74892", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74805", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74806", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74835", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74808", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74841", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74855", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74879", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74858", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74849", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00848", "scoring_system": "epss", "scoring_elements": "0.74885", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637", "reference_id": "2024637", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024637" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2022/01/24/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2022/01/24/4" }, { "reference_url": "https://security.archlinux.org/AVG-1621", "reference_id": "AVG-1621", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1621" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2021-3999", "reference_id": "CVE-2021-3999", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2021-3999" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2021-3999", "reference_id": "CVE-2021-3999", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2021-3999" }, { "reference_url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", "reference_id": "gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e" }, { "reference_url": "https://security.gentoo.org/glsa/202208-24", "reference_id": "GLSA-202208-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-24" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221104-0001/", "reference_id": "ntap-20221104-0001", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221104-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0896", "reference_id": "RHSA-2022:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0896" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769", "reference_id": "show_bug.cgi?id=28769", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T20:54:28Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28769" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5310-2/", "reference_id": "USN-5310-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-2/" }, { "reference_url": "https://usn.ubuntu.com/6762-1/", "reference_id": "USN-6762-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6762-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050173?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u5" } ], "aliases": [ "CVE-2021-3999" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qa1-upks-g3dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43780?format=api", "vulnerability_id": "VCID-8p27-z2tz-4bbm", "summary": "Multiple vulnerabilities in glibc could result in Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33574.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33574.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33574", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30847", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30852", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30842", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30873", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30973", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.3102", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30838", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30927", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30929", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30887", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33574" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965408", "reference_id": "1965408", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965408" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989147", "reference_id": "989147", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989147" }, { "reference_url": "https://security.archlinux.org/AVG-1621", "reference_id": "AVG-1621", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1621" }, { "reference_url": "https://security.gentoo.org/glsa/202107-07", "reference_id": "GLSA-202107-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4358", "reference_id": "RHSA-2021:4358", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4358" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050172?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u3" } ], "aliases": [ "CVE-2021-33574" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8p27-z2tz-4bbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43041?format=api", "vulnerability_id": "VCID-bcuy-bbxf-x7hy", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33600.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33600.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33600", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45276", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.4522", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45242", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45185", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.4524", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45261", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45231", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00225", "scoring_system": "epss", "scoring_elements": "0.45282", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277204", "reference_id": "2277204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277204" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/22/5" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006", "reference_id": "GLIBC-SA-2024-0006", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006" }, { "reference_url": "https://security.gentoo.org/glsa/202405-17", "reference_id": "GLSA-202405-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-17" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240524-0013/", "reference_id": "ntap-20240524-0013", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240524-0013/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2799", "reference_id": "RHSA-2024:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3309", "reference_id": "RHSA-2024:3309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3312", "reference_id": "RHSA-2024:3312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3339", "reference_id": "RHSA-2024:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3344", "reference_id": "RHSA-2024:3344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3411", "reference_id": "RHSA-2024:3411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3423", "reference_id": "RHSA-2024:3423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3464", "reference_id": "RHSA-2024:3464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3588", "reference_id": "RHSA-2024:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4126", "reference_id": "RHSA-2024:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4126" }, { "reference_url": "https://usn.ubuntu.com/6804-1/", "reference_id": "USN-6804-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6804-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2024-33600" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bcuy-bbxf-x7hy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43042?format=api", "vulnerability_id": "VCID-bsue-bznw-1ffe", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33601.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33601.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33601", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28379", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28523", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28566", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28367", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28433", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28476", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28479", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28436", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28387", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28401", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277205", "reference_id": "2277205", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277205" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/22/5" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007", "reference_id": "GLIBC-SA-2024-0007", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007" }, { "reference_url": "https://security.gentoo.org/glsa/202405-17", "reference_id": "GLSA-202405-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-17" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240524-0014/", "reference_id": "ntap-20240524-0014", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240524-0014/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2799", "reference_id": "RHSA-2024:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3309", "reference_id": "RHSA-2024:3309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3312", "reference_id": "RHSA-2024:3312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3339", "reference_id": "RHSA-2024:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3344", "reference_id": "RHSA-2024:3344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3411", "reference_id": "RHSA-2024:3411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3423", "reference_id": "RHSA-2024:3423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3464", "reference_id": "RHSA-2024:3464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3588", "reference_id": "RHSA-2024:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4126", "reference_id": "RHSA-2024:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4126" }, { "reference_url": "https://usn.ubuntu.com/6804-1/", "reference_id": "USN-6804-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6804-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2024-33601" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bsue-bznw-1ffe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43044?format=api", "vulnerability_id": "VCID-d5xx-af6p-2fhn", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4802.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13033", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13249", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13218", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13181", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13129", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13031", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13319", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13117", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13198", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367468", "reference_id": "2367468", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367468" }, { "reference_url": "https://security.gentoo.org/glsa/202509-04", "reference_id": "GLSA-202509-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-04" }, { "reference_url": "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e", "reference_id": "?id=1e18586c5820e329f741d5c710275e165581380e", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T13:47:23Z/" } ], "url": "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10219", "reference_id": "RHSA-2025:10219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10220", "reference_id": "RHSA-2025:10220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10294", "reference_id": "RHSA-2025:10294", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11487", "reference_id": "RHSA-2025:11487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8655", "reference_id": "RHSA-2025:8655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8686", "reference_id": "RHSA-2025:8686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9028", "reference_id": "RHSA-2025:9028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9336", "reference_id": "RHSA-2025:9336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9725", "reference_id": "RHSA-2025:9725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9750", "reference_id": "RHSA-2025:9750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9750" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32976", "reference_id": "show_bug.cgi?id=32976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T13:47:23Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32976" }, { "reference_url": "https://usn.ubuntu.com/7541-1/", "reference_id": "USN-7541-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7541-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" } ], "aliases": [ "CVE-2025-4802" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d5xx-af6p-2fhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43779?format=api", "vulnerability_id": "VCID-dqgn-fdxt-u3cc", "summary": "Multiple vulnerabilities in glibc could result in Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3326.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3326.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3326", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38548", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38471", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38631", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38545", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38494", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38501", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38527", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38565", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38554", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3326" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921916", "reference_id": "1921916", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921916" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/01/28/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:17:18Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/01/28/2" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981198", "reference_id": "981198", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981198" }, { "reference_url": "https://security.archlinux.org/ASA-202102-16", "reference_id": "ASA-202102-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-16" }, { "reference_url": "https://security.archlinux.org/ASA-202102-17", "reference_id": "ASA-202102-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-17" }, { "reference_url": "https://security.archlinux.org/AVG-1320", "reference_id": "AVG-1320", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1320" }, { "reference_url": "https://security.gentoo.org/glsa/202107-07", "reference_id": "GLSA-202107-07", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:17:18Z/" } ], "url": "https://security.gentoo.org/glsa/202107-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210304-0007/", "reference_id": "ntap-20210304-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:17:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210304-0007/" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888", "reference_id": "?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:17:18Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=7d88c6142c6efc160c0ee5e4f85cde382c072888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1585", "reference_id": "RHSA-2021:1585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1585" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256", "reference_id": "show_bug.cgi?id=27256", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:17:18Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27256" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5699-1/", "reference_id": "USN-5699-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5699-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050169?format=api", "purl": "pkg:deb/debian/glibc@2.31-11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-11" } ], "aliases": [ "CVE-2021-3326" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dqgn-fdxt-u3cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62166?format=api", "vulnerability_id": "VCID-ge24-a7a4-d3bn", "summary": "Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35942.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35942", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78075", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78154", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78128", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78123", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78113", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01598", "scoring_system": "epss", "scoring_elements": "0.8172", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01598", "scoring_system": "epss", "scoring_elements": "0.81688", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01598", "scoring_system": "epss", "scoring_elements": "0.81682", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977975", "reference_id": "1977975", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977975" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990542", "reference_id": "990542", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990542" }, { "reference_url": "https://security.archlinux.org/AVG-1621", "reference_id": "AVG-1621", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1621" }, { "reference_url": "https://security.gentoo.org/glsa/202208-24", "reference_id": "GLSA-202208-24", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T20:00:35Z/" } ], "url": "https://security.gentoo.org/glsa/202208-24" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210827-0005/", "reference_id": "ntap-20210827-0005", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T20:00:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210827-0005/" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c", "reference_id": "?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T20:00:35Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=5adda61f62b77384718b4c0d8336ade8f2b4b35c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4358", "reference_id": "RHSA-2021:4358", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4358" }, { "reference_url": "https://sourceware.org/glibc/wiki/Security%20Exceptions", "reference_id": "Security%20Exceptions", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T20:00:35Z/" } ], "url": "https://sourceware.org/glibc/wiki/Security%20Exceptions" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011", "reference_id": "show_bug.cgi?id=28011", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-13T20:00:35Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28011" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5699-1/", "reference_id": "USN-5699-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5699-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050170?format=api", "purl": "pkg:deb/debian/glibc@2.31-13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13" } ], "aliases": [ "CVE-2021-35942" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ge24-a7a4-d3bn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34316?format=api", "vulnerability_id": "VCID-gv4u-g36a-w3cf", "summary": "Multiple vulnerabilities in glibc could result in Local Privilege Escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.59128", "scoring_system": "epss", "scoring_elements": "0.9822", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.59128", "scoring_system": "epss", "scoring_elements": "0.98223", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.72535", "scoring_system": "epss", "scoring_elements": "0.98763", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.72771", "scoring_system": "epss", "scoring_elements": "0.98771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.74256", "scoring_system": "epss", "scoring_elements": "0.9884", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.74256", "scoring_system": "epss", "scoring_elements": "0.98837", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.74256", "scoring_system": "epss", "scoring_elements": "0.98845", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.74256", "scoring_system": "epss", "scoring_elements": "0.98839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.74256", "scoring_system": "epss", "scoring_elements": "0.98844", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352", "reference_id": "2238352", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238352" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8", "reference_id": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8" }, { "reference_url": "https://www.qualys.com/cve-2023-4911/", "reference_id": "cve-2023-4911", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://www.qualys.com/cve-2023-4911/" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-4911", "reference_id": "CVE-2023-4911", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-4911" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52479.txt", "reference_id": "CVE-2023-4911", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52479.txt" }, { "reference_url": "https://security.gentoo.org/glsa/202310-03", "reference_id": "GLSA-202310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-03" }, { "reference_url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt", "reference_id": "looney-tunables-local-privilege-escalation-glibc-ld-so.txt", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5453", "reference_id": "RHSA-2023:5453", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:5453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5454", "reference_id": "RHSA-2023:5454", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:5454" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5455", "reference_id": "RHSA-2023:5455", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:5455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5476", "reference_id": "RHSA-2023:5476", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:5476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0033", "reference_id": "RHSA-2024:0033", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0033" }, { "reference_url": "https://usn.ubuntu.com/6409-1/", "reference_id": "USN-6409-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6409-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2023-4911" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gv4u-g36a-w3cf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79939?format=api", "vulnerability_id": "VCID-nk5x-uhcf-7kan", "summary": "glibc: conversion from ISO-2022-JP-3 with iconv may emit spurious NUL character on state reset", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43396.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43396.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69418", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69407", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69299", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69311", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69329", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69309", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69359", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69376", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69398", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69383", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69369", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43396" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020652", "reference_id": "2020652", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020652" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998622", "reference_id": "998622", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998622" }, { "reference_url": "https://security.archlinux.org/AVG-1621", "reference_id": "AVG-1621", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1621" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050172?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u3" } ], "aliases": [ "CVE-2021-43396" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nk5x-uhcf-7kan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43039?format=api", "vulnerability_id": "VCID-sjav-8bub-eycz", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2961.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2961.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2961", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.92156", "scoring_system": "epss", "scoring_elements": "0.99712", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.92156", "scoring_system": "epss", "scoring_elements": "0.99707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.92156", "scoring_system": "epss", "scoring_elements": "0.99709", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.92156", "scoring_system": "epss", "scoring_elements": "0.9971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.92156", "scoring_system": "epss", "scoring_elements": "0.99711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.92578", "scoring_system": "epss", "scoring_elements": "0.99739", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069191", "reference_id": "1069191", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069191" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/24/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/24/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273404", "reference_id": "2273404", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273404" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/18/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/18/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/22/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/27/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/27/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/17/9", "reference_id": "9", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/17/9" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/", "reference_id": "BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004", "reference_id": "GLIBC-SA-2024-0004", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004" }, { "reference_url": "https://security.gentoo.org/glsa/202405-17", "reference_id": "GLSA-202405-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-17" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00001.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240531-0002/", "reference_id": "ntap-20240531-0002", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240531-0002/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/", "reference_id": "P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2722", "reference_id": "RHSA-2024:2722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2799", "reference_id": "RHSA-2024:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3269", "reference_id": "RHSA-2024:3269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3309", "reference_id": "RHSA-2024:3309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3312", "reference_id": "RHSA-2024:3312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3339", "reference_id": "RHSA-2024:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3411", "reference_id": "RHSA-2024:3411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3423", "reference_id": "RHSA-2024:3423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3464", "reference_id": "RHSA-2024:3464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3588", "reference_id": "RHSA-2024:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4126", "reference_id": "RHSA-2024:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7590", "reference_id": "RHSA-2024:7590", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7590" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7594", "reference_id": "RHSA-2024:7594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7599", "reference_id": "RHSA-2024:7599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7939", "reference_id": "RHSA-2024:7939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8235", "reference_id": "RHSA-2024:8235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8235" }, { "reference_url": "https://usn.ubuntu.com/6737-1/", "reference_id": "USN-6737-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6737-1/" }, { "reference_url": "https://usn.ubuntu.com/6737-2/", "reference_id": "USN-6737-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6737-2/" }, { "reference_url": "https://usn.ubuntu.com/6762-1/", "reference_id": "USN-6762-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6762-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/", "reference_id": "YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-30T04:00:23Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2024-2961" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sjav-8bub-eycz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62169?format=api", "vulnerability_id": "VCID-wp18-zqr6-a3ag", "summary": "Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23219.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23219.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59469", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00379", "scoring_system": "epss", "scoring_elements": "0.59476", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65785", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66885", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66886", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66912", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66934", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66967", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66947", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042017", "reference_id": "2042017", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042017" }, { "reference_url": "https://security.gentoo.org/glsa/202208-24", "reference_id": "GLSA-202208-24", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:40Z/" } ], "url": "https://security.gentoo.org/glsa/202208-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0896", "reference_id": "RHSA-2022:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0896" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542", "reference_id": "show_bug.cgi?id=22542", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:40Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22542" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5310-2/", "reference_id": "USN-5310-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050172?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u3" } ], "aliases": [ "CVE-2022-23219" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wp18-zqr6-a3ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43043?format=api", "vulnerability_id": "VCID-xhcm-t8jb-ybfb", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33602.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63673", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63633", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63644", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63661", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63676", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.6366", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63627", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63664", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277206", "reference_id": "2277206", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277206" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/22/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/22/5" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008", "reference_id": "GLIBC-SA-2024-0008", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008" }, { "reference_url": "https://security.gentoo.org/glsa/202405-17", "reference_id": "GLSA-202405-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-17" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240524-0012/", "reference_id": "ntap-20240524-0012", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240524-0012/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2799", "reference_id": "RHSA-2024:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3309", "reference_id": "RHSA-2024:3309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3312", "reference_id": "RHSA-2024:3312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3339", "reference_id": "RHSA-2024:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3344", "reference_id": "RHSA-2024:3344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3411", "reference_id": "RHSA-2024:3411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3423", "reference_id": "RHSA-2024:3423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3464", "reference_id": "RHSA-2024:3464", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3588", "reference_id": "RHSA-2024:3588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4126", "reference_id": "RHSA-2024:4126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4126" }, { "reference_url": "https://usn.ubuntu.com/6804-1/", "reference_id": "USN-6804-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6804-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995125?format=api", "purl": "pkg:deb/debian/glibc@2.31-13%2Bdeb11u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3e43-r92j-hkd3" }, { "vulnerability": "VCID-9nqp-tfvr-ayen" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-jswq-6ru6-wybc" }, { "vulnerability": "VCID-kukb-s61t-pbc3" }, { "vulnerability": "VCID-nwfb-xnks-1kg7" }, { "vulnerability": "VCID-ssnc-wdcf-sfc9" }, { "vulnerability": "VCID-tcpv-4crc-zuap" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zn6t-3mvb-wufm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11" } ], "aliases": [ "CVE-2024-33602" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xhcm-t8jb-ybfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61864?format=api", "vulnerability_id": "VCID-ys5d-7xgp-w7g5", "summary": "A vulnerability has been discovered in glibc, which can lead to execution of arbitrary code..", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0395.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0395.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21718", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21899", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2174", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21798", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21808", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21768", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21711", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0395" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceware.org/pipermail/libc-announce/2025/000044.html", "reference_id": "000044.html", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://sourceware.org/pipermail/libc-announce/2025/000044.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339460", "reference_id": "2339460", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339460" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2025/01/22/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2025/01/22/4" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001", "reference_id": "GLIBC-SA-2025-0001", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001" }, { "reference_url": "https://security.gentoo.org/glsa/202505-06", "reference_id": "GLSA-202505-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3828", "reference_id": "RHSA-2025:3828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4241", "reference_id": "RHSA-2025:4241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4242", "reference_id": "RHSA-2025:4242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4243", "reference_id": "RHSA-2025:4243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4244", "reference_id": "RHSA-2025:4244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4244" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32582", "reference_id": "show_bug.cgi?id=32582", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32582" }, { "reference_url": "https://usn.ubuntu.com/7259-1/", "reference_id": "USN-7259-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7259-1/" }, { "reference_url": "https://usn.ubuntu.com/7259-2/", "reference_id": "USN-7259-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7259-2/" }, { "reference_url": "https://usn.ubuntu.com/7259-3/", "reference_id": "USN-7259-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7259-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" } ], "aliases": [ "CVE-2025-0395" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ys5d-7xgp-w7g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43778?format=api", "vulnerability_id": "VCID-zqx5-4rdk-1qa3", "summary": "Multiple vulnerabilities in glibc could result in Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27645.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27645.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27645", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11077", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11057", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1122", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11283", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11176", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11232", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11242", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11209", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11184", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11048", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27645" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932589", "reference_id": "1932589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932589" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/", "reference_id": "7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:57:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983479", "reference_id": "983479", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983479" }, { "reference_url": "https://security.archlinux.org/AVG-1621", "reference_id": "AVG-1621", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1621" }, { "reference_url": "https://security.gentoo.org/glsa/202107-07", "reference_id": "GLSA-202107-07", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:57:29Z/" } ], "url": "https://security.gentoo.org/glsa/202107-07" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/", "reference_id": "I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:57:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4358", "reference_id": "RHSA-2021:4358", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4358" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462", "reference_id": "show_bug.cgi?id=27462", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:57:29Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=27462" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050169?format=api", "purl": "pkg:deb/debian/glibc@2.31-11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-11" } ], "aliases": [ "CVE-2021-27645" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqx5-4rdk-1qa3" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43777?format=api", "vulnerability_id": "VCID-13gq-1x22-skhy", "summary": "Multiple vulnerabilities in glibc could result in Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1686", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16819", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17028", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17082", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16863", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16952", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1701", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16985", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16939", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16881", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16817", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893708", "reference_id": "1893708", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893708" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973914", "reference_id": "973914", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973914" }, { "reference_url": "https://security.archlinux.org/ASA-202102-16", "reference_id": "ASA-202102-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-16" }, { "reference_url": "https://security.archlinux.org/ASA-202102-17", "reference_id": "ASA-202102-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-17" }, { "reference_url": "https://security.archlinux.org/AVG-1320", "reference_id": "AVG-1320", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1320" }, { "reference_url": "https://security.gentoo.org/glsa/202107-07", "reference_id": "GLSA-202107-07", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:14:58Z/" } ], "url": "https://security.gentoo.org/glsa/202107-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210401-0006/", "reference_id": "ntap-20210401-0006", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:14:58Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210401-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1585", "reference_id": "RHSA-2021:1585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1585" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21", "reference_id": "show_bug.cgi?id=19519#c21", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:14:58Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224", "reference_id": "show_bug.cgi?id=26224", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:14:58Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26224" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5768-1/", "reference_id": "USN-5768-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5768-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-27618" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-13gq-1x22-skhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81840?format=api", "vulnerability_id": "VCID-6kb1-yuq8-tfbs", "summary": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19126.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19126.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06277", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06337", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06399", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06388", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06327", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0631", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06344", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06321", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06369", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06412", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06404", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19126" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FQ5LC6JOYSOYFPRUZ4S45KL6IP3RPPZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25204" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774681", "reference_id": "1774681", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774681" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945250", "reference_id": "945250", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945250" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126", "reference_id": "CVE-2019-19126", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1828", "reference_id": "RHSA-2020:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3861", "reference_id": "RHSA-2020:3861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2019-19126" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6kb1-yuq8-tfbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59737?format=api", "vulnerability_id": "VCID-b6tp-a1qc-pfdw", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6096.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6096.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6096", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.8318", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83283", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83196", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.8321", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83208", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83233", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.8324", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83256", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.8325", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83245", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01904", "scoring_system": "epss", "scoring_elements": "0.83282", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-6096" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25620" }, { "reference_url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820331", "reference_id": "1820331", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820331" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961452", "reference_id": "961452", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961452" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096", "reference_id": "CVE-2020-6096", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6096" }, { "reference_url": "https://security.gentoo.org/glsa/202101-20", "reference_id": "GLSA-202101-20", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-13T20:06:27Z/" } ], "url": "https://security.gentoo.org/glsa/202101-20" }, { "reference_url": "https://usn.ubuntu.com/4954-1/", "reference_id": "USN-4954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4954-1/" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-6096" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b6tp-a1qc-pfdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59735?format=api", "vulnerability_id": "VCID-hj77-4nfx-fuaa", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29562.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29562.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29562", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16125", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16149", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16308", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1637", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16169", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16255", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16319", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16301", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16261", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16193", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16131", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905217", "reference_id": "1905217", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905217" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976391", "reference_id": "976391", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976391" }, { "reference_url": "https://security.archlinux.org/ASA-202102-16", "reference_id": "ASA-202102-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-16" }, { "reference_url": "https://security.archlinux.org/ASA-202102-17", "reference_id": "ASA-202102-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-17" }, { "reference_url": "https://security.archlinux.org/AVG-1320", "reference_id": "AVG-1320", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1320" }, { "reference_url": "https://security.gentoo.org/glsa/202101-20", "reference_id": "GLSA-202101-20", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:36Z/" } ], "url": "https://security.gentoo.org/glsa/202101-20" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210122-0004/", "reference_id": "ntap-20210122-0004", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210122-0004/" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923", "reference_id": "show_bug.cgi?id=26923", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:36Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26923" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", "reference_id": "TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:36Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-29562" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hj77-4nfx-fuaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61416?format=api", "vulnerability_id": "VCID-mqch-gxfq-zyhh", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10029.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10029.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12802", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.129", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1295", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12753", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12884", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1285", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12812", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12767", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1267", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12677", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10029" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10029" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810670", "reference_id": "1810670", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810670" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953108", "reference_id": "953108", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953108" }, { "reference_url": "https://security.gentoo.org/glsa/202006-04", "reference_id": "GLSA-202006-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4444", "reference_id": "RHSA-2020:4444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0348", "reference_id": "RHSA-2021:0348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2998", "reference_id": "RHSA-2021:2998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3315", "reference_id": "RHSA-2021:3315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3315" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-10029" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mqch-gxfq-zyhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61417?format=api", "vulnerability_id": "VCID-pyms-pya1-buck", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1751.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1751.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33535", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33687", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33719", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33558", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33601", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33634", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.3363", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33589", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33566", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33599", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33575", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1751" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810719", "reference_id": "1810719", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810719" }, { "reference_url": "https://security.gentoo.org/glsa/202006-04", "reference_id": "GLSA-202006-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4444", "reference_id": "RHSA-2020:4444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4444" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-1751" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pyms-pya1-buck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43776?format=api", "vulnerability_id": "VCID-sbzq-gp2e-v7fy", "summary": "Multiple vulnerabilities in glibc could result in Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25013.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25013.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74084", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74179", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74088", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74116", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.7409", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74171", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74133", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74139", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74136", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74121", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-25013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912960", "reference_id": "1912960", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912960" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/", "reference_id": "4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979273", "reference_id": "979273", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979273" }, { "reference_url": "https://security.archlinux.org/ASA-202102-16", "reference_id": "ASA-202102-16", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-16" }, { "reference_url": "https://security.archlinux.org/ASA-202102-17", "reference_id": "ASA-202102-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-17" }, { "reference_url": "https://security.archlinux.org/AVG-1320", "reference_id": "AVG-1320", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1320" }, { "reference_url": "https://security.gentoo.org/glsa/202107-07", "reference_id": "GLSA-202107-07", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://security.gentoo.org/glsa/202107-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210205-0004/", "reference_id": "ntap-20210205-0004", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210205-0004/" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b", "reference_id": "?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=ee7a3144c9922808181009b7b3e50e852fb4999b" }, { "reference_url": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E", "reference_id": "r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E", "reference_id": "r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E", "reference_id": "r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E", "reference_id": "r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E", "reference_id": "r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cjira.kafka.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E", "reference_id": "r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece%40%3Cissues.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E", "reference_id": "r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc%40%3Cdev.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E", "reference_id": "rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c%40%3Cissues.zookeeper.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0348", "reference_id": "RHSA-2021:0348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1585", "reference_id": "RHSA-2021:1585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1585" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973", "reference_id": "show_bug.cgi?id=24973", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24973" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/", "reference_id": "TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:16:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5768-1/", "reference_id": "USN-5768-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5768-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2019-25013" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sbzq-gp2e-v7fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59733?format=api", "vulnerability_id": "VCID-v96m-se3g-8ydp", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10228.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10228.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10228", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61384", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61554", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61509", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.6155", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61461", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61489", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61459", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61507", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61522", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61543", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61529", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10228" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10228" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428290", "reference_id": "1428290", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428290" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856503", "reference_id": "856503", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856503" }, { "reference_url": "https://security.gentoo.org/glsa/202101-20", "reference_id": "GLSA-202101-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1585", "reference_id": "RHSA-2021:1585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1585" }, { "reference_url": "https://usn.ubuntu.com/5310-1/", "reference_id": "USN-5310-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5310-1/" }, { "reference_url": "https://usn.ubuntu.com/5768-1/", "reference_id": "USN-5768-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5768-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2016-10228" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v96m-se3g-8ydp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59734?format=api", "vulnerability_id": "VCID-vqyv-kf5w-vkch", "summary": "Multiple vulnerabilities have been found in glibc, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1752.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1752.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1752", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40442", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40521", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40548", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40469", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.4052", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40532", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40552", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40515", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40495", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40543", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40511", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810718", "reference_id": "1810718", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810718" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953788", "reference_id": "953788", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953788" }, { "reference_url": "https://security.gentoo.org/glsa/202101-20", "reference_id": "GLSA-202101-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4444", "reference_id": "RHSA-2020:4444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4444" }, { "reference_url": "https://usn.ubuntu.com/4416-1/", "reference_id": "USN-4416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4416-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049939?format=api", "purl": "pkg:deb/debian/glibc@2.31-9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gmq-64e3-c7db" }, { "vulnerability": "VCID-3hqs-jns2-puf2" }, { "vulnerability": "VCID-6qa1-upks-g3dm" }, { "vulnerability": "VCID-8p27-z2tz-4bbm" }, { "vulnerability": "VCID-bcuy-bbxf-x7hy" }, { "vulnerability": "VCID-bsue-bznw-1ffe" }, { "vulnerability": "VCID-d5xx-af6p-2fhn" }, { "vulnerability": "VCID-dqgn-fdxt-u3cc" }, { "vulnerability": "VCID-ge24-a7a4-d3bn" }, { "vulnerability": "VCID-gv4u-g36a-w3cf" }, { "vulnerability": "VCID-nk5x-uhcf-7kan" }, { "vulnerability": "VCID-sjav-8bub-eycz" }, { "vulnerability": "VCID-wp18-zqr6-a3ag" }, { "vulnerability": "VCID-xhcm-t8jb-ybfb" }, { "vulnerability": "VCID-ys5d-7xgp-w7g5" }, { "vulnerability": "VCID-zqx5-4rdk-1qa3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" } ], "aliases": [ "CVE-2020-1752" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vqyv-kf5w-vkch" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-9" }