Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1050472?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1050472?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u3", "type": "deb", "namespace": "debian", "name": "gnutls28", "version": "3.7.1-5+deb11u3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "3.7.9-2+deb12u5", "latest_non_vulnerable_version": "3.7.9-2+deb12u5", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48027?format=api", "vulnerability_id": "VCID-92x9-x1ep-cqdn", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28834.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.8227", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82292", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82265", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01705", "scoring_system": "epss", "scoring_elements": "0.82251", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02294", "scoring_system": "epss", "scoring_elements": "0.84718", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02294", "scoring_system": "epss", "scoring_elements": "0.84711", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02294", "scoring_system": "epss", "scoring_elements": "0.84729", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02294", "scoring_system": "epss", "scoring_elements": "0.84724", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28834" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html", "reference_id": "004845.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:20:34Z/" } ], "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067464", "reference_id": "1067464", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067464" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269228", "reference_id": "2269228", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:20:34Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269228" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-28834", "reference_id": "CVE-2024-28834", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:20:34Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-28834" }, { "reference_url": "https://security.gentoo.org/glsa/202411-06", "reference_id": "GLSA-202411-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1784", "reference_id": "RHSA-2024:1784", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:20:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1879", "reference_id": "RHSA-2024:1879", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:20:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1997", "reference_id": "RHSA-2024:1997", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:20:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2044", "reference_id": "RHSA-2024:2044", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:20:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2570", "reference_id": "RHSA-2024:2570", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:20:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2889", "reference_id": "RHSA-2024:2889", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:20:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2889" }, { "reference_url": "https://usn.ubuntu.com/6733-1/", "reference_id": "USN-6733-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6733-1/" }, { "reference_url": "https://usn.ubuntu.com/6733-2/", "reference_id": "USN-6733-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6733-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050474?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.9-2%2Bdeb12u5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.9-2%252Bdeb12u5" } ], "aliases": [ "CVE-2024-28834", "GNUTLS-SA-2023-12-04" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92x9-x1ep-cqdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66455?format=api", "vulnerability_id": "VCID-9pdw-udwq-6kbz", "summary": "gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9820.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9820.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9820", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02569", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02855", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02875", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02883", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02884", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02907", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02879", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0286", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9820" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9820", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9820" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121146", "reference_id": "1121146", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121146" }, { "reference_url": "https://gitlab.com/gnutls/gnutls/-/issues/1732", "reference_id": "1732", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://gitlab.com/gnutls/gnutls/-/issues/1732" }, { "reference_url": "https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5", "reference_id": "1d56f96f6ab5034d677136b9d50b5a75dff0faf5", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392528", "reference_id": "2392528", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392528" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9", "reference_id": "cpe:/a:redhat:ceph_storage:8::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9", "reference_id": "cpe:/a:redhat:rhui:5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-9820", "reference_id": "CVE-2025-9820", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-9820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3477", "reference_id": "RHSA-2026:3477", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4188", "reference_id": "RHSA-2026:4188", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4655", "reference_id": "RHSA-2026:4655", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5585", "reference_id": "RHSA-2026:5585", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:5585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5606", "reference_id": "RHSA-2026:5606", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:5606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7329", "reference_id": "RHSA-2026:7329", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:7329" }, { "reference_url": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18", "reference_id": "security-new.html#GNUTLS-SA-2025-11-18", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-26T20:10:45Z/" } ], "url": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18" }, { "reference_url": "https://usn.ubuntu.com/8043-1/", "reference_id": "USN-8043-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8043-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050474?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.9-2%2Bdeb12u5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.9-2%252Bdeb12u5" } ], "aliases": [ "CVE-2025-9820", "GNUTLS-SA-2025-11-18" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9pdw-udwq-6kbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48024?format=api", "vulnerability_id": "VCID-a18u-4j99-nbf8", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0553.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0553.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0553", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77306", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77252", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.7728", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77262", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77294", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77302", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.7733", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01029", "scoring_system": "epss", "scoring_elements": "0.77309", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0553" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0553" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html", "reference_id": "004841.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061046", "reference_id": "1061046", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061046" }, { "reference_url": "https://gitlab.com/gnutls/gnutls/-/issues/1522", "reference_id": "1522", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://gitlab.com/gnutls/gnutls/-/issues/1522" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258412", "reference_id": "2258412", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258412" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.8::el9", "reference_id": "cpe:/a:redhat:logging:5.8::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.8::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.15::el9", "reference_id": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.15::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-0553", "reference_id": "CVE-2024-0553", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-0553" }, { "reference_url": "https://security.gentoo.org/glsa/202411-06", "reference_id": "GLSA-202411-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0533", "reference_id": "RHSA-2024:0533", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0627", "reference_id": "RHSA-2024:0627", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0796", "reference_id": "RHSA-2024:0796", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1082", "reference_id": "RHSA-2024:1082", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1108", "reference_id": "RHSA-2024:1108", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2094", "reference_id": "RHSA-2024:2094", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-16T15:03:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "reference_url": "https://usn.ubuntu.com/6593-1/", "reference_id": "USN-6593-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6593-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050473?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u5" } ], "aliases": [ "CVE-2024-0553" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a18u-4j99-nbf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48022?format=api", "vulnerability_id": "VCID-abn3-2b4q-z7ga", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5981.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5981.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5981", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75849", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75881", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75861", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75893", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75906", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75929", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75911", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00916", "scoring_system": "epss", "scoring_elements": "0.75904", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5981" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056188", "reference_id": "1056188", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056188" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248445", "reference_id": "2248445", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248445" }, { "reference_url": "https://security.gentoo.org/glsa/202411-06", "reference_id": "GLSA-202411-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0155", "reference_id": "RHSA-2024:0155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0319", "reference_id": "RHSA-2024:0319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0399", "reference_id": "RHSA-2024:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0451", "reference_id": "RHSA-2024:0451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0533", "reference_id": "RHSA-2024:0533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2094", "reference_id": "RHSA-2024:2094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "reference_url": "https://usn.ubuntu.com/6499-1/", "reference_id": "USN-6499-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6499-1/" }, { "reference_url": "https://usn.ubuntu.com/6499-2/", "reference_id": "USN-6499-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6499-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050473?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u5" } ], "aliases": [ "CVE-2023-5981" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-abn3-2b4q-z7ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64669?format=api", "vulnerability_id": "VCID-f5c7-jcd9-67hj", "summary": "gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14831.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14831.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14831", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19773", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19853", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19907", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20176", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2028", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20235", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20961", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2102", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14831" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14831", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14831" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.com/gnutls/gnutls/-/issues/1773", "reference_id": "1773", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://gitlab.com/gnutls/gnutls/-/issues/1773" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423177", "reference_id": "2423177", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423177" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9", "reference_id": "cpe:/a:redhat:ai_inference_server:3.2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9", "reference_id": "cpe:/a:redhat:ceph_storage:8::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9", "reference_id": "cpe:/a:redhat:rhui:5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhui:5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux_eus:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-14831", "reference_id": "CVE-2025-14831", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-14831" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3477", "reference_id": "RHSA-2026:3477", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4188", "reference_id": "RHSA-2026:4188", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4655", "reference_id": "RHSA-2026:4655", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5585", "reference_id": "RHSA-2026:5585", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:5585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5606", "reference_id": "RHSA-2026:5606", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:5606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6618", "reference_id": "RHSA-2026:6618", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:6618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6630", "reference_id": "RHSA-2026:6630", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:6630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6737", "reference_id": "RHSA-2026:6737", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:6737" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6738", "reference_id": "RHSA-2026:6738", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:6738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7329", "reference_id": "RHSA-2026:7329", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:7329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7335", "reference_id": "RHSA-2026:7335", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:25:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:7335" }, { "reference_url": "https://usn.ubuntu.com/8043-1/", "reference_id": "USN-8043-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8043-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050474?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.9-2%2Bdeb12u5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.9-2%252Bdeb12u5" } ], "aliases": [ "CVE-2025-14831", "GNUTLS-SA-2026-02-09-2" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f5c7-jcd9-67hj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59429?format=api", "vulnerability_id": "VCID-pf5n-65mk-2ff3", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32990.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32990.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2197", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22023", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23645", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23603", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23546", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23512", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23583", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23628", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32990" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32990" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359620", "reference_id": "2359620", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:06:53Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359620" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9", "reference_id": "cpe:/a:redhat:ceph_storage:7::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32990", "reference_id": "CVE-2025-32990", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:06:53Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32990" }, { "reference_url": "https://security.gentoo.org/glsa/202509-08", "reference_id": "GLSA-202509-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16115", "reference_id": "RHSA-2025:16115", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:06:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:16115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16116", "reference_id": "RHSA-2025:16116", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:06:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:16116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17181", "reference_id": "RHSA-2025:17181", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:06:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17348", "reference_id": "RHSA-2025:17348", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:06:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17361", "reference_id": "RHSA-2025:17361", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:06:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17415", "reference_id": "RHSA-2025:17415", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:06:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19088", "reference_id": "RHSA-2025:19088", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:06:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19088" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22529", "reference_id": "RHSA-2025:22529", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:06:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22529" }, { "reference_url": "https://usn.ubuntu.com/7635-1/", "reference_id": "USN-7635-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7635-1/" }, { "reference_url": "https://usn.ubuntu.com/7742-1/", "reference_id": "USN-7742-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7742-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050474?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.9-2%2Bdeb12u5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.9-2%252Bdeb12u5" } ], "aliases": [ "CVE-2025-32990", "GNUTLS-SA-2025-07-08-3" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pf5n-65mk-2ff3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48028?format=api", "vulnerability_id": "VCID-qtsh-kn2d-h7cr", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28835.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10874", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10776", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.107", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1081", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13197", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13317", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13284", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13246", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28835" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html", "reference_id": "004845.html", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:00:08Z/" } ], "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067463", "reference_id": "1067463", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067463" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269084", "reference_id": "2269084", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:00:08Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269084" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-28835", "reference_id": "CVE-2024-28835", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:00:08Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-28835" }, { "reference_url": "https://security.gentoo.org/glsa/202411-06", "reference_id": "GLSA-202411-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1879", "reference_id": "RHSA-2024:1879", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:00:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2570", "reference_id": "RHSA-2024:2570", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:00:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2889", "reference_id": "RHSA-2024:2889", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T18:00:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2889" }, { "reference_url": "https://usn.ubuntu.com/6733-1/", "reference_id": "USN-6733-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6733-1/" }, { "reference_url": "https://usn.ubuntu.com/6733-2/", "reference_id": "USN-6733-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6733-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050474?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.9-2%2Bdeb12u5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.9-2%252Bdeb12u5" } ], "aliases": [ "CVE-2024-28835", "GNUTLS-SA-2024-01-23" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtsh-kn2d-h7cr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59426?format=api", "vulnerability_id": "VCID-uc8j-r79v-n7ck", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32988.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32988.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16932", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16875", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19034", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18994", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19127", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19133", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19087", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32988" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html", "reference_id": "004883.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359622", "reference_id": "2359622", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359622" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9", "reference_id": "cpe:/a:redhat:ceph_storage:7::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32988", "reference_id": "CVE-2025-32988", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32988" }, { "reference_url": "https://security.gentoo.org/glsa/202509-08", "reference_id": "GLSA-202509-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16115", "reference_id": "RHSA-2025:16115", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:16115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16116", "reference_id": "RHSA-2025:16116", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:16116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17181", "reference_id": "RHSA-2025:17181", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17348", "reference_id": "RHSA-2025:17348", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17361", "reference_id": "RHSA-2025:17361", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17415", "reference_id": "RHSA-2025:17415", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19088", "reference_id": "RHSA-2025:19088", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19088" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22529", "reference_id": "RHSA-2025:22529", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T20:04:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22529" }, { "reference_url": "https://usn.ubuntu.com/7635-1/", "reference_id": "USN-7635-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7635-1/" }, { "reference_url": "https://usn.ubuntu.com/7742-1/", "reference_id": "USN-7742-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7742-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050474?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.9-2%2Bdeb12u5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.9-2%252Bdeb12u5" } ], "aliases": [ "CVE-2025-32988", "GNUTLS-SA-2025-07-08-2" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uc8j-r79v-n7ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48026?format=api", "vulnerability_id": "VCID-w7f6-5b6h-8kh4", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0567.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0567.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01605", "scoring_system": "epss", "scoring_elements": "0.8172", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01605", "scoring_system": "epss", "scoring_elements": "0.81668", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01605", "scoring_system": "epss", "scoring_elements": "0.81691", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01605", "scoring_system": "epss", "scoring_elements": "0.81688", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01605", "scoring_system": "epss", "scoring_elements": "0.81715", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01605", "scoring_system": "epss", "scoring_elements": "0.81719", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01605", "scoring_system": "epss", "scoring_elements": "0.81739", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01605", "scoring_system": "epss", "scoring_elements": "0.81727", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0567" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html", "reference_id": "004841.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:37:07Z/" } ], "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061045", "reference_id": "1061045", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061045" }, { "reference_url": "https://gitlab.com/gnutls/gnutls/-/issues/1521", "reference_id": "1521", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:37:07Z/" } ], "url": "https://gitlab.com/gnutls/gnutls/-/issues/1521" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258544", "reference_id": "2258544", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:37:07Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258544" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.8::el9", "reference_id": "cpe:/a:redhat:logging:5.8::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.8::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11", "reference_id": "cpe:/a:redhat:openshift:3.11", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.15::el9", "reference_id": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.15::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-0567", "reference_id": "CVE-2024-0567", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:37:07Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-0567" }, { "reference_url": "https://security.gentoo.org/glsa/202411-06", "reference_id": "GLSA-202411-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0533", "reference_id": "RHSA-2024:0533", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:37:07Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1082", "reference_id": "RHSA-2024:1082", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:37:07Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:37:07Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2094", "reference_id": "RHSA-2024:2094", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:37:07Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "reference_url": "https://usn.ubuntu.com/6593-1/", "reference_id": "USN-6593-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6593-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050473?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u5" } ], "aliases": [ "CVE-2024-0567" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w7f6-5b6h-8kh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59424?format=api", "vulnerability_id": "VCID-wqyp-93bk-vbh2", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6395.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6395.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20371", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20432", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22175", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22135", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22075", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22021", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22101", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22156", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6395" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376755", "reference_id": "2376755", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:32:33Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376755" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9", "reference_id": "cpe:/a:redhat:ceph_storage:7::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-6395", "reference_id": "CVE-2025-6395", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:32:33Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-6395" }, { "reference_url": "https://security.gentoo.org/glsa/202509-08", "reference_id": "GLSA-202509-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16115", "reference_id": "RHSA-2025:16115", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:32:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:16115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16116", "reference_id": "RHSA-2025:16116", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:32:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:16116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17181", "reference_id": "RHSA-2025:17181", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:32:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17348", "reference_id": "RHSA-2025:17348", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:32:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17361", "reference_id": "RHSA-2025:17361", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:32:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17415", "reference_id": "RHSA-2025:17415", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:32:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19088", "reference_id": "RHSA-2025:19088", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:32:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19088" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22529", "reference_id": "RHSA-2025:22529", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:32:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22529" }, { "reference_url": "https://usn.ubuntu.com/7635-1/", "reference_id": "USN-7635-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7635-1/" }, { "reference_url": "https://usn.ubuntu.com/7742-1/", "reference_id": "USN-7742-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7742-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050474?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.9-2%2Bdeb12u5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.9-2%252Bdeb12u5" } ], "aliases": [ "CVE-2025-6395", "GNUTLS-SA-2025-07-08-4" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wqyp-93bk-vbh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59423?format=api", "vulnerability_id": "VCID-x5jd-qddc-eudq", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12243.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12243.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12243", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01689", "scoring_system": "epss", "scoring_elements": "0.82223", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01689", "scoring_system": "epss", "scoring_elements": "0.82166", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01689", "scoring_system": "epss", "scoring_elements": "0.82187", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01689", "scoring_system": "epss", "scoring_elements": "0.82183", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01689", "scoring_system": "epss", "scoring_elements": "0.82209", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01689", "scoring_system": "epss", "scoring_elements": "0.82217", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01689", "scoring_system": "epss", "scoring_elements": "0.82236", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01689", "scoring_system": "epss", "scoring_elements": "0.82228", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12243" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.com/gnutls/gnutls/-/issues/1553", "reference_id": "1553", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:20Z/" } ], "url": "https://gitlab.com/gnutls/gnutls/-/issues/1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344615", "reference_id": "2344615", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:20Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344615" }, { "reference_url": "https://gitlab.com/gnutls/libtasn1/-/issues/52", "reference_id": "52", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:20Z/" } ], "url": "https://gitlab.com/gnutls/libtasn1/-/issues/52" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9", "reference_id": "cpe:/a:redhat:discovery:1.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-12243", "reference_id": "CVE-2024-12243", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:20Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-12243" }, { "reference_url": "https://security.gentoo.org/glsa/202509-08", "reference_id": "GLSA-202509-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17361", "reference_id": "RHSA-2025:17361", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:17361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4051", "reference_id": "RHSA-2025:4051", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7076", "reference_id": "RHSA-2025:7076", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8020", "reference_id": "RHSA-2025:8020", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8385", "reference_id": "RHSA-2025:8385", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:20Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:8385" }, { "reference_url": "https://usn.ubuntu.com/7281-1/", "reference_id": "USN-7281-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7281-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050474?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.9-2%2Bdeb12u5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.9-2%252Bdeb12u5" } ], "aliases": [ "CVE-2024-12243", "GNUTLS-SA-2025-02-07" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x5jd-qddc-eudq" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81482?format=api", "vulnerability_id": "VCID-3qcs-1fcj-m3fw", "summary": "gnutls: DTLS client hello contains a random value of all zeroes", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00015.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11501.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11501.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11501", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11487", "scoring_system": "epss", "scoring_elements": "0.93575", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11487", "scoring_system": "epss", "scoring_elements": "0.93611", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11487", "scoring_system": "epss", "scoring_elements": "0.93602", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11487", "scoring_system": "epss", "scoring_elements": "0.93605", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11487", "scoring_system": "epss", "scoring_elements": "0.9361", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11487", "scoring_system": "epss", "scoring_elements": "0.93584", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11487", "scoring_system": "epss", "scoring_elements": "0.93592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11487", "scoring_system": "epss", "scoring_elements": "0.93593", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11501" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11501", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11501" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.com/gnutls/gnutls/-/commit/5b595e8e52653f6c5726a4cdd8fddeb6e83804d2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/gnutls/gnutls/-/commit/5b595e8e52653f6c5726a4cdd8fddeb6e83804d2" }, { "reference_url": "https://gitlab.com/gnutls/gnutls/-/issues/960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/gnutls/gnutls/-/issues/960" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ILMOWPKMTZAIMK5F32TUMO34XCABUCFJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ILMOWPKMTZAIMK5F32TUMO34XCABUCFJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WDYY3R4F5CUTFAMXH2C5NKYFVDEJLTT7/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WDYY3R4F5CUTFAMXH2C5NKYFVDEJLTT7/" }, { "reference_url": "https://security.gentoo.org/glsa/202004-06", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-06" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200416-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200416-0002/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4652", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4652" }, { "reference_url": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-03-31", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-03-31" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821896", "reference_id": "1821896", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821896" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955556", "reference_id": "955556", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955556" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11501", "reference_id": "CVE-2020-11501", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" }, { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1998", "reference_id": "RHSA-2020:1998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1998" }, { "reference_url": "https://usn.ubuntu.com/4322-1/", "reference_id": "USN-4322-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4322-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038212?format=api", "purl": "pkg:deb/debian/gnutls28@3.6.7-4%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3qcs-1fcj-m3fw" }, { "vulnerability": "VCID-6fzu-8998-abdk" }, { "vulnerability": "VCID-86j1-j381-cucy" }, { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-a18u-4j99-nbf8" }, { "vulnerability": "VCID-abn3-2b4q-z7ga" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-gy9e-81rw-pug2" }, { "vulnerability": "VCID-jxjc-vjdc-1yfj" }, { "vulnerability": "VCID-k5vv-ts4z-j7g5" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-sp9u-9wwg-b7e9" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-uws5-j79f-cbar" }, { "vulnerability": "VCID-w7f6-5b6h-8kh4" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.6.7-4%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050472?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-a18u-4j99-nbf8" }, { "vulnerability": "VCID-abn3-2b4q-z7ga" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-w7f6-5b6h-8kh4" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u3" } ], "aliases": [ "CVE-2020-11501", "GNUTLS-SA-2020-03-31" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3qcs-1fcj-m3fw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49031?format=api", "vulnerability_id": "VCID-6fzu-8998-abdk", "summary": "An information disclosure vulnerability in GnuTLS allow remote\n attackers to obtain sensitive information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13777.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13777.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13777", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75032", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.7504", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75064", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75086", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75108", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00863", "scoring_system": "epss", "scoring_elements": "0.75034", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01521", "scoring_system": "epss", "scoring_elements": "0.81255", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01521", "scoring_system": "epss", "scoring_elements": "0.81263", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13777" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843723", "reference_id": "1843723", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843723" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962289", "reference_id": "962289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962289" }, { "reference_url": "https://security.archlinux.org/ASA-202006-2", "reference_id": "ASA-202006-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202006-2" }, { "reference_url": "https://security.archlinux.org/AVG-1177", "reference_id": "AVG-1177", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1177" }, { "reference_url": "https://security.gentoo.org/glsa/202006-01", "reference_id": "GLSA-202006-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202006-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2637", "reference_id": "RHSA-2020:2637", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2637" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2638", "reference_id": "RHSA-2020:2638", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2638" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2639", "reference_id": "RHSA-2020:2639", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2639" }, { "reference_url": "https://usn.ubuntu.com/4384-1/", "reference_id": "USN-4384-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4384-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038212?format=api", "purl": "pkg:deb/debian/gnutls28@3.6.7-4%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3qcs-1fcj-m3fw" }, { "vulnerability": "VCID-6fzu-8998-abdk" }, { "vulnerability": "VCID-86j1-j381-cucy" }, { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-a18u-4j99-nbf8" }, { "vulnerability": "VCID-abn3-2b4q-z7ga" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-gy9e-81rw-pug2" }, { "vulnerability": "VCID-jxjc-vjdc-1yfj" }, { "vulnerability": "VCID-k5vv-ts4z-j7g5" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-sp9u-9wwg-b7e9" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-uws5-j79f-cbar" }, { "vulnerability": "VCID-w7f6-5b6h-8kh4" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.6.7-4%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050472?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-a18u-4j99-nbf8" }, { "vulnerability": "VCID-abn3-2b4q-z7ga" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-w7f6-5b6h-8kh4" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u3" } ], "aliases": [ "CVE-2020-13777", "GNUTLS-SA-2020-06-03" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6fzu-8998-abdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48020?format=api", "vulnerability_id": "VCID-86j1-j381-cucy", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2509.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2509.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2509", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70245", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70257", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75756", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75712", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75791", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75767", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75743", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75722", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html", "reference_id": "004746.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:43:57Z/" } ], "url": "https://lists.gnupg.org/pipermail/gnutls-help/2022-July/004746.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977", "reference_id": "2108977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108977" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/", "reference_id": "6FL27JS3VM74YEQU7PGB62USO3KSBYZX", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:43:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FL27JS3VM74YEQU7PGB62USO3KSBYZX/" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-2509", "reference_id": "CVE-2022-2509", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:43:57Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-2509" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5203", "reference_id": "dsa-5203", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:43:57Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5203" }, { "reference_url": "https://security.gentoo.org/glsa/202411-06", "reference_id": "GLSA-202411-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html", "reference_id": "msg00002.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T20:43:57Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00002.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6854", "reference_id": "RHSA-2022:6854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7105", "reference_id": "RHSA-2022:7105", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7105" }, { "reference_url": "https://usn.ubuntu.com/5550-1/", "reference_id": "USN-5550-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5550-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050472?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-a18u-4j99-nbf8" }, { "vulnerability": "VCID-abn3-2b4q-z7ga" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-w7f6-5b6h-8kh4" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u3" } ], "aliases": [ "CVE-2022-2509", "GNUTLS-SA-2022-07-07" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86j1-j381-cucy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79854?format=api", "vulnerability_id": "VCID-gy9e-81rw-pug2", "summary": "GnuTLS: Null pointer dereference in MD_UPDATE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4209.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4209.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4209", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56804", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56898", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56919", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56895", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56947", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.5695", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56958", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56938", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56915", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4209" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4209" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", "reference_id": "2044156", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156" }, { "reference_url": "https://usn.ubuntu.com/5550-1/", "reference_id": "USN-5550-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5550-1/" }, { "reference_url": "https://usn.ubuntu.com/5750-1/", "reference_id": "USN-5750-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5750-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050472?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-a18u-4j99-nbf8" }, { "vulnerability": "VCID-abn3-2b4q-z7ga" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-w7f6-5b6h-8kh4" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u3" } ], "aliases": [ "CVE-2021-4209" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gy9e-81rw-pug2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48021?format=api", "vulnerability_id": "VCID-jxjc-vjdc-1yfj", "summary": "Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0361.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0361.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0361", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03615", "scoring_system": "epss", "scoring_elements": "0.87746", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03615", "scoring_system": "epss", "scoring_elements": "0.87759", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03615", "scoring_system": "epss", "scoring_elements": "0.87762", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03615", "scoring_system": "epss", "scoring_elements": "0.87783", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03615", "scoring_system": "epss", "scoring_elements": "0.8779", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03615", "scoring_system": "epss", "scoring_elements": "0.87801", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03615", "scoring_system": "epss", "scoring_elements": "0.87795", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03615", "scoring_system": "epss", "scoring_elements": "0.87794", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0361" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596", "reference_id": "2162596", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162596" }, { "reference_url": "https://security.gentoo.org/glsa/202411-06", "reference_id": "GLSA-202411-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1141", "reference_id": "RHSA-2023:1141", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1200", "reference_id": "RHSA-2023:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1569", "reference_id": "RHSA-2023:1569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3361", "reference_id": "RHSA-2023:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3361" }, { "reference_url": "https://usn.ubuntu.com/5901-1/", "reference_id": "USN-5901-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5901-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050472?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-a18u-4j99-nbf8" }, { "vulnerability": "VCID-abn3-2b4q-z7ga" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-w7f6-5b6h-8kh4" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u3" } ], "aliases": [ "CVE-2023-0361" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jxjc-vjdc-1yfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80520?format=api", "vulnerability_id": "VCID-k5vv-ts4z-j7g5", "summary": "gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20232.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20232.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20232", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.74724", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.74768", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.74727", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.74754", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.74728", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.7476", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.74775", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.74799", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.74778", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20232" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275", "reference_id": "1922275", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922275" }, { "reference_url": "https://security.archlinux.org/ASA-202103-1", "reference_id": "ASA-202103-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202103-1" }, { "reference_url": "https://security.archlinux.org/AVG-1674", "reference_id": "AVG-1674", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1674" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210416-0005/", "reference_id": "ntap-20210416-0005", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210416-0005/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/", "reference_id": "OSLAE6PP33A7VYRYMYMUVB3U6B26GZER", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/" }, { "reference_url": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168%40%3Cissues.spark.apache.org%3E", "reference_id": "r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168%40%3Cissues.spark.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168%40%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb%40%3Cissues.spark.apache.org%3E", "reference_id": "r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb%40%3Cissues.spark.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb%40%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779%40%3Cissues.spark.apache.org%3E", "reference_id": "r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779%40%3Cissues.spark.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779%40%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7%40%3Cissues.spark.apache.org%3E", "reference_id": "r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7%40%3Cissues.spark.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7%40%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158%40%3Cissues.spark.apache.org%3E", "reference_id": "r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158%40%3Cissues.spark.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158%40%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f%40%3Cissues.spark.apache.org%3E", "reference_id": "rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f%40%3Cissues.spark.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f%40%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532%40%3Cissues.spark.apache.org%3E", "reference_id": "rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532%40%3Cissues.spark.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532%40%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20%40%3Cissues.spark.apache.org%3E", "reference_id": "rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20%40%3Cissues.spark.apache.org%3E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20%40%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4451", "reference_id": "RHSA-2021:4451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4451" }, { "reference_url": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10", "reference_id": "security-new.html#GNUTLS-SA-2021-03-10", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T15:03:27Z/" } ], "url": "https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10" }, { "reference_url": "https://usn.ubuntu.com/5029-1/", "reference_id": "USN-5029-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5029-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050472?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-a18u-4j99-nbf8" }, { "vulnerability": "VCID-abn3-2b4q-z7ga" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-w7f6-5b6h-8kh4" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u3" } ], "aliases": [ "CVE-2021-20232" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k5vv-ts4z-j7g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31950?format=api", "vulnerability_id": "VCID-sp9u-9wwg-b7e9", "summary": "A flaw was found in GnuTLS, possibly allowing a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24659.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24659.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24659", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03633", "scoring_system": "epss", "scoring_elements": "0.87779", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03633", "scoring_system": "epss", "scoring_elements": "0.87789", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03633", "scoring_system": "epss", "scoring_elements": "0.878", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03633", "scoring_system": "epss", "scoring_elements": "0.87804", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03633", "scoring_system": "epss", "scoring_elements": "0.87826", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03633", "scoring_system": "epss", "scoring_elements": "0.87832", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03633", "scoring_system": "epss", "scoring_elements": "0.87844", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03633", "scoring_system": "epss", "scoring_elements": "0.87838", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03633", "scoring_system": "epss", "scoring_elements": "0.87837", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24659" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1872021", "reference_id": "1872021", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1872021" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969547", "reference_id": "969547", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969547" }, { "reference_url": "https://security.gentoo.org/glsa/202009-01", "reference_id": "GLSA-202009-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202009-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5483", "reference_id": "RHSA-2020:5483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5483" }, { "reference_url": "https://usn.ubuntu.com/4491-1/", "reference_id": "USN-4491-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4491-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050472?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-a18u-4j99-nbf8" }, { "vulnerability": "VCID-abn3-2b4q-z7ga" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-w7f6-5b6h-8kh4" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u3" } ], "aliases": [ "CVE-2020-24659", "GNUTLS-SA-2020-09-04" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sp9u-9wwg-b7e9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80521?format=api", "vulnerability_id": "VCID-uws5-j79f-cbar", "summary": "gnutls: Use after free in client key_share extension", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20231.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20231.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20231", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.75866", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.75882", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.75902", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.75915", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.75928", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.75951", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.7587", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.78876", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.78885", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276", "reference_id": "1922276", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922276" }, { "reference_url": "https://security.archlinux.org/ASA-202103-1", "reference_id": "ASA-202103-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202103-1" }, { "reference_url": "https://security.archlinux.org/AVG-1674", "reference_id": "AVG-1674", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1674" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4451", "reference_id": "RHSA-2021:4451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4451" }, { "reference_url": "https://usn.ubuntu.com/5029-1/", "reference_id": "USN-5029-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5029-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050472?format=api", "purl": "pkg:deb/debian/gnutls28@3.7.1-5%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-92x9-x1ep-cqdn" }, { "vulnerability": "VCID-9pdw-udwq-6kbz" }, { "vulnerability": "VCID-a18u-4j99-nbf8" }, { "vulnerability": "VCID-abn3-2b4q-z7ga" }, { "vulnerability": "VCID-f5c7-jcd9-67hj" }, { "vulnerability": "VCID-pf5n-65mk-2ff3" }, { "vulnerability": "VCID-qtsh-kn2d-h7cr" }, { "vulnerability": "VCID-uc8j-r79v-n7ck" }, { "vulnerability": "VCID-w7f6-5b6h-8kh4" }, { "vulnerability": "VCID-wqyp-93bk-vbh2" }, { "vulnerability": "VCID-x5jd-qddc-eudq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u3" } ], "aliases": [ "CVE-2021-20231", "GNUTLS-SA-2021-03-10" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uws5-j79f-cbar" } ], "risk_score": "3.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnutls28@3.7.1-5%252Bdeb11u3" }