Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1081587?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1081587?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "webkit2gtk", "version": "2.52.3-2~deb13u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.52.3-2", "latest_non_vulnerable_version": "2.52.3-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63947?format=api", "vulnerability_id": "VCID-88kv-qter-5fc3", "summary": "webkitgtk: A malicious website may be able to access script message handlers intended for other origins", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10517", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10448", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10377", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1045", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10514", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10544", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10511", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10489", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10356", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1033", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10458", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10444", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11502", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1143", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28861" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/en-us/126792", "reference_id": "126792", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:48:37Z/" } ], "url": "https://support.apple.com/en-us/126792" }, { "reference_url": "https://support.apple.com/en-us/126793", "reference_id": "126793", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:48:37Z/" } ], "url": "https://support.apple.com/en-us/126793" }, { "reference_url": "https://support.apple.com/en-us/126794", "reference_id": "126794", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:48:37Z/" } ], "url": "https://support.apple.com/en-us/126794" }, { "reference_url": "https://support.apple.com/en-us/126799", "reference_id": "126799", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:48:37Z/" } ], "url": "https://support.apple.com/en-us/126799" }, { "reference_url": "https://support.apple.com/en-us/126800", "reference_id": "126800", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T13:48:37Z/" } ], "url": "https://support.apple.com/en-us/126800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453007", "reference_id": "2453007", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453007" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942457?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88kv-qter-5fc3" }, { "vulnerability": "VCID-8cxd-4p9j-dyf1" }, { "vulnerability": "VCID-eu4s-vvyf-pqh3" }, { "vulnerability": "VCID-ffha-wafn-sqa9" }, { "vulnerability": "VCID-fpvs-seby-kfhv" }, { "vulnerability": "VCID-gqm2-5nh3-7ufp" }, { "vulnerability": "VCID-nwkr-s7vs-p7fz" }, { "vulnerability": "VCID-teue-y6qz-jyfw" }, { "vulnerability": "VCID-zk2j-9hd2-hfcn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942456?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066850?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067647?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081587?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077505?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28861" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88kv-qter-5fc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63942?format=api", "vulnerability_id": "VCID-8cxd-4p9j-dyf1", "summary": "webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-20664.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-20664.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-20664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11561", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11348", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11432", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11489", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11495", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11462", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11433", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11299", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11422", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11366", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12445", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12563", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-20664" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20664", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20664" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/en-us/126792", "reference_id": "126792", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T15:20:44Z/" } ], "url": "https://support.apple.com/en-us/126792" }, { "reference_url": "https://support.apple.com/en-us/126794", "reference_id": "126794", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T15:20:44Z/" } ], "url": "https://support.apple.com/en-us/126794" }, { "reference_url": "https://support.apple.com/en-us/126799", "reference_id": "126799", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T15:20:44Z/" } ], "url": "https://support.apple.com/en-us/126799" }, { "reference_url": "https://support.apple.com/en-us/126800", "reference_id": "126800", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T15:20:44Z/" } ], "url": "https://support.apple.com/en-us/126800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453001", "reference_id": "2453001", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10702", "reference_id": "RHSA-2026:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11329", "reference_id": "RHSA-2026:11329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9692", "reference_id": "RHSA-2026:9692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942457?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88kv-qter-5fc3" }, { "vulnerability": "VCID-8cxd-4p9j-dyf1" }, { "vulnerability": "VCID-eu4s-vvyf-pqh3" }, { "vulnerability": "VCID-ffha-wafn-sqa9" }, { "vulnerability": "VCID-fpvs-seby-kfhv" }, { "vulnerability": "VCID-gqm2-5nh3-7ufp" }, { "vulnerability": "VCID-nwkr-s7vs-p7fz" }, { "vulnerability": "VCID-teue-y6qz-jyfw" }, { "vulnerability": "VCID-zk2j-9hd2-hfcn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942456?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066850?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067647?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081587?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077505?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-20664" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8cxd-4p9j-dyf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63948?format=api", "vulnerability_id": "VCID-eu4s-vvyf-pqh3", "summary": "webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28871.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28871.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28871", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10075", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10135", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10032", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10108", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10169", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10209", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10149", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10022", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09999", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10129", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10105", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11035", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11098", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28871" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/en-us/126792", "reference_id": "126792", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T19:47:46Z/" } ], "url": "https://support.apple.com/en-us/126792" }, { "reference_url": "https://support.apple.com/en-us/126793", "reference_id": "126793", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T19:47:46Z/" } ], "url": "https://support.apple.com/en-us/126793" }, { "reference_url": "https://support.apple.com/en-us/126794", "reference_id": "126794", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T19:47:46Z/" } ], "url": "https://support.apple.com/en-us/126794" }, { "reference_url": "https://support.apple.com/en-us/126800", "reference_id": "126800", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T19:47:46Z/" } ], "url": "https://support.apple.com/en-us/126800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453008", "reference_id": "2453008", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10702", "reference_id": "RHSA-2026:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11329", "reference_id": "RHSA-2026:11329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9692", "reference_id": "RHSA-2026:9692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942457?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88kv-qter-5fc3" }, { "vulnerability": "VCID-8cxd-4p9j-dyf1" }, { "vulnerability": "VCID-eu4s-vvyf-pqh3" }, { "vulnerability": "VCID-ffha-wafn-sqa9" }, { "vulnerability": "VCID-fpvs-seby-kfhv" }, { "vulnerability": "VCID-gqm2-5nh3-7ufp" }, { "vulnerability": "VCID-nwkr-s7vs-p7fz" }, { "vulnerability": "VCID-teue-y6qz-jyfw" }, { "vulnerability": "VCID-zk2j-9hd2-hfcn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942456?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066850?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067647?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081587?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077505?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28871" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eu4s-vvyf-pqh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63946?format=api", "vulnerability_id": "VCID-ffha-wafn-sqa9", "summary": "webkitgtk: A malicious website may be able to process restricted web content outside the sandbox", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28859.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28859.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28859", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12006", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11889", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11919", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.118", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11803", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11933", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11959", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11996", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11988", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11936", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1205", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11853", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.12977", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.1308", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28859" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/en-us/126792", "reference_id": "126792", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:29:45Z/" } ], "url": "https://support.apple.com/en-us/126792" }, { "reference_url": "https://support.apple.com/en-us/126794", "reference_id": "126794", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:29:45Z/" } ], "url": "https://support.apple.com/en-us/126794" }, { "reference_url": "https://support.apple.com/en-us/126797", "reference_id": "126797", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:29:45Z/" } ], "url": "https://support.apple.com/en-us/126797" }, { "reference_url": "https://support.apple.com/en-us/126798", "reference_id": "126798", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:29:45Z/" } ], "url": "https://support.apple.com/en-us/126798" }, { "reference_url": "https://support.apple.com/en-us/126799", "reference_id": "126799", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:29:45Z/" } ], "url": "https://support.apple.com/en-us/126799" }, { "reference_url": "https://support.apple.com/en-us/126800", "reference_id": "126800", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:29:45Z/" } ], "url": "https://support.apple.com/en-us/126800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453006", "reference_id": "2453006", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10702", "reference_id": "RHSA-2026:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11329", "reference_id": "RHSA-2026:11329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9692", "reference_id": "RHSA-2026:9692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942457?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88kv-qter-5fc3" }, { "vulnerability": "VCID-8cxd-4p9j-dyf1" }, { "vulnerability": "VCID-eu4s-vvyf-pqh3" }, { "vulnerability": "VCID-ffha-wafn-sqa9" }, { "vulnerability": "VCID-fpvs-seby-kfhv" }, { "vulnerability": "VCID-gqm2-5nh3-7ufp" }, { "vulnerability": "VCID-nwkr-s7vs-p7fz" }, { "vulnerability": "VCID-teue-y6qz-jyfw" }, { "vulnerability": "VCID-zk2j-9hd2-hfcn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942456?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066850?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067647?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081587?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077505?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28859" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ffha-wafn-sqa9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63944?format=api", "vulnerability_id": "VCID-fpvs-seby-kfhv", "summary": "webkitgtk: A maliciously crafted webpage may be able to fingerprint the user", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-20691.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-20691.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-20691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10448", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10517", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10377", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1045", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10514", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10544", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10511", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10489", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10356", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1033", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10458", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10444", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11502", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1143", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-20691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20691" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/en-us/126792", "reference_id": "126792", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T15:08:58Z/" } ], "url": "https://support.apple.com/en-us/126792" }, { "reference_url": "https://support.apple.com/en-us/126794", "reference_id": "126794", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T15:08:58Z/" } ], "url": "https://support.apple.com/en-us/126794" }, { "reference_url": "https://support.apple.com/en-us/126798", "reference_id": "126798", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T15:08:58Z/" } ], "url": "https://support.apple.com/en-us/126798" }, { "reference_url": "https://support.apple.com/en-us/126799", "reference_id": "126799", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T15:08:58Z/" } ], "url": "https://support.apple.com/en-us/126799" }, { "reference_url": "https://support.apple.com/en-us/126800", "reference_id": "126800", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T15:08:58Z/" } ], "url": "https://support.apple.com/en-us/126800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453003", "reference_id": "2453003", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10702", "reference_id": "RHSA-2026:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11329", "reference_id": "RHSA-2026:11329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9692", "reference_id": "RHSA-2026:9692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942457?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88kv-qter-5fc3" }, { "vulnerability": "VCID-8cxd-4p9j-dyf1" }, { "vulnerability": "VCID-eu4s-vvyf-pqh3" }, { "vulnerability": "VCID-ffha-wafn-sqa9" }, { "vulnerability": "VCID-fpvs-seby-kfhv" }, { "vulnerability": "VCID-gqm2-5nh3-7ufp" }, { "vulnerability": "VCID-nwkr-s7vs-p7fz" }, { "vulnerability": "VCID-teue-y6qz-jyfw" }, { "vulnerability": "VCID-zk2j-9hd2-hfcn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942456?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066850?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067647?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081587?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077505?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-20691" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fpvs-seby-kfhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63943?format=api", "vulnerability_id": "VCID-gqm2-5nh3-7ufp", "summary": "webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-20665.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-20665.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-20665", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.3659", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.3622", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36448", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36504", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36521", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36479", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36502", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36537", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.3653", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36511", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36623", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36459", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38022", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38116", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-20665" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20665", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20665" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/en-us/126792", "reference_id": "126792", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:30:29Z/" } ], "url": "https://support.apple.com/en-us/126792" }, { "reference_url": "https://support.apple.com/en-us/126793", "reference_id": "126793", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:30:29Z/" } ], "url": "https://support.apple.com/en-us/126793" }, { "reference_url": "https://support.apple.com/en-us/126794", "reference_id": "126794", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:30:29Z/" } ], "url": "https://support.apple.com/en-us/126794" }, { "reference_url": "https://support.apple.com/en-us/126797", "reference_id": "126797", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:30:29Z/" } ], "url": "https://support.apple.com/en-us/126797" }, { "reference_url": "https://support.apple.com/en-us/126798", "reference_id": "126798", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:30:29Z/" } ], "url": "https://support.apple.com/en-us/126798" }, { "reference_url": "https://support.apple.com/en-us/126799", "reference_id": "126799", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:30:29Z/" } ], "url": "https://support.apple.com/en-us/126799" }, { "reference_url": "https://support.apple.com/en-us/126800", "reference_id": "126800", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:30:29Z/" } ], "url": "https://support.apple.com/en-us/126800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453002", "reference_id": "2453002", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10702", "reference_id": "RHSA-2026:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11329", "reference_id": "RHSA-2026:11329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9692", "reference_id": "RHSA-2026:9692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942457?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88kv-qter-5fc3" }, { "vulnerability": "VCID-8cxd-4p9j-dyf1" }, { "vulnerability": "VCID-eu4s-vvyf-pqh3" }, { "vulnerability": "VCID-ffha-wafn-sqa9" }, { "vulnerability": "VCID-fpvs-seby-kfhv" }, { "vulnerability": "VCID-gqm2-5nh3-7ufp" }, { "vulnerability": "VCID-nwkr-s7vs-p7fz" }, { "vulnerability": "VCID-teue-y6qz-jyfw" }, { "vulnerability": "VCID-zk2j-9hd2-hfcn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942456?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066850?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067647?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081587?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077505?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-20665" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gqm2-5nh3-7ufp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63941?format=api", "vulnerability_id": "VCID-nwkr-s7vs-p7fz", "summary": "webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-20643.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-20643.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-20643", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09744", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09655", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09771", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09788", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0982", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0981", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0976", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09793", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09689", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10762", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10783", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10904", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10864", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10823", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-20643" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20643", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20643" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/en-us/126604", "reference_id": "126604", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T13:14:53Z/" } ], "url": "https://support.apple.com/en-us/126604" }, { "reference_url": "https://support.apple.com/en-us/126792", "reference_id": "126792", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T13:14:53Z/" } ], "url": "https://support.apple.com/en-us/126792" }, { "reference_url": "https://support.apple.com/en-us/126793", "reference_id": "126793", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T13:14:53Z/" } ], "url": "https://support.apple.com/en-us/126793" }, { "reference_url": "https://support.apple.com/en-us/126794", "reference_id": "126794", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T13:14:53Z/" } ], "url": "https://support.apple.com/en-us/126794" }, { "reference_url": "https://support.apple.com/en-us/126799", "reference_id": "126799", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T13:14:53Z/" } ], "url": "https://support.apple.com/en-us/126799" }, { "reference_url": "https://support.apple.com/en-us/126800", "reference_id": "126800", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-18T13:14:53Z/" } ], "url": "https://support.apple.com/en-us/126800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453000", "reference_id": "2453000", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10702", "reference_id": "RHSA-2026:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11329", "reference_id": "RHSA-2026:11329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9692", "reference_id": "RHSA-2026:9692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942457?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88kv-qter-5fc3" }, { "vulnerability": "VCID-8cxd-4p9j-dyf1" }, { "vulnerability": "VCID-eu4s-vvyf-pqh3" }, { "vulnerability": "VCID-ffha-wafn-sqa9" }, { "vulnerability": "VCID-fpvs-seby-kfhv" }, { "vulnerability": "VCID-gqm2-5nh3-7ufp" }, { "vulnerability": "VCID-nwkr-s7vs-p7fz" }, { "vulnerability": "VCID-teue-y6qz-jyfw" }, { "vulnerability": "VCID-zk2j-9hd2-hfcn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942456?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066850?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067647?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081587?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077505?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-20643" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwkr-s7vs-p7fz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64213?format=api", "vulnerability_id": "VCID-teue-y6qz-jyfw", "summary": "webkitgtk: Processing maliciously crafted web content may disclose internal states of the app", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46299.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46299.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-46299", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0601", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06264", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06046", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0603", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0607", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06109", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.061", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06094", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06086", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06051", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06061", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0621", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06224", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06255", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-46299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46299" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/en-us/125884", "reference_id": "125884", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T22:03:03Z/" } ], "url": "https://support.apple.com/en-us/125884" }, { "reference_url": "https://support.apple.com/en-us/125886", "reference_id": "125886", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T22:03:03Z/" } ], "url": "https://support.apple.com/en-us/125886" }, { "reference_url": "https://support.apple.com/en-us/125889", "reference_id": "125889", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T22:03:03Z/" } ], "url": "https://support.apple.com/en-us/125889" }, { "reference_url": "https://support.apple.com/en-us/125890", "reference_id": "125890", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T22:03:03Z/" } ], "url": "https://support.apple.com/en-us/125890" }, { "reference_url": "https://support.apple.com/en-us/125891", "reference_id": "125891", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T22:03:03Z/" } ], "url": "https://support.apple.com/en-us/125891" }, { "reference_url": "https://support.apple.com/en-us/125892", "reference_id": "125892", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-09T22:03:03Z/" } ], "url": "https://support.apple.com/en-us/125892" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448788", "reference_id": "2448788", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10702", "reference_id": "RHSA-2026:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11329", "reference_id": "RHSA-2026:11329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9692", "reference_id": "RHSA-2026:9692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942457?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88kv-qter-5fc3" }, { "vulnerability": "VCID-8cxd-4p9j-dyf1" }, { "vulnerability": "VCID-eu4s-vvyf-pqh3" }, { "vulnerability": "VCID-ffha-wafn-sqa9" }, { "vulnerability": "VCID-fpvs-seby-kfhv" }, { "vulnerability": "VCID-gqm2-5nh3-7ufp" }, { "vulnerability": "VCID-nwkr-s7vs-p7fz" }, { "vulnerability": "VCID-teue-y6qz-jyfw" }, { "vulnerability": "VCID-zk2j-9hd2-hfcn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942620?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942456?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066850?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067647?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081587?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077505?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-46299" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-teue-y6qz-jyfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63945?format=api", "vulnerability_id": "VCID-zk2j-9hd2-hfcn", "summary": "webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28857.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28857.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11349", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11561", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11433", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1149", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11496", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11463", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11434", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.113", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11299", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11422", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11366", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12564", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12447", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28857" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/en-us/126792", "reference_id": "126792", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T14:33:38Z/" } ], "url": "https://support.apple.com/en-us/126792" }, { "reference_url": "https://support.apple.com/en-us/126794", "reference_id": "126794", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T14:33:38Z/" } ], "url": "https://support.apple.com/en-us/126794" }, { "reference_url": "https://support.apple.com/en-us/126799", "reference_id": "126799", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T14:33:38Z/" } ], "url": "https://support.apple.com/en-us/126799" }, { "reference_url": "https://support.apple.com/en-us/126800", "reference_id": "126800", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-26T14:33:38Z/" } ], "url": "https://support.apple.com/en-us/126800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453004", "reference_id": "2453004", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10702", "reference_id": "RHSA-2026:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11329", "reference_id": "RHSA-2026:11329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9692", "reference_id": "RHSA-2026:9692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9692" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/942457?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88kv-qter-5fc3" }, { "vulnerability": "VCID-8cxd-4p9j-dyf1" }, { "vulnerability": "VCID-eu4s-vvyf-pqh3" }, { "vulnerability": "VCID-ffha-wafn-sqa9" }, { "vulnerability": "VCID-fpvs-seby-kfhv" }, { "vulnerability": "VCID-gqm2-5nh3-7ufp" }, { "vulnerability": "VCID-nwkr-s7vs-p7fz" }, { "vulnerability": "VCID-teue-y6qz-jyfw" }, { "vulnerability": "VCID-zk2j-9hd2-hfcn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.50.4-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/942456?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1066850?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067647?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1081587?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077505?format=api", "purl": "pkg:deb/debian/webkit2gtk@2.52.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28857" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zk2j-9hd2-hfcn" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/webkit2gtk@2.52.3-2~deb13u1%3Fdistro=trixie" }