Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/138855?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/138855?format=api", "purl": "pkg:rpm/redhat/libX11@1.6.8-4?arch=el8", "type": "rpm", "namespace": "redhat", "name": "libX11", "version": "1.6.8-4", "qualifiers": { "arch": "el8" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106699?format=api", "vulnerability_id": "VCID-713b-xwq2-7ych", "summary": "A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25712.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25712.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32452", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32524", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32493", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25712" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887276", "reference_id": "1887276", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887276" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976216", "reference_id": "976216", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976216" }, { "reference_url": "https://security.archlinux.org/ASA-202012-6", "reference_id": "ASA-202012-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202012-6" }, { "reference_url": "https://security.archlinux.org/AVG-1310", "reference_id": "AVG-1310", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1310" }, { "reference_url": "https://security.gentoo.org/glsa/202012-01", "reference_id": "GLSA-202012-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5408", "reference_id": "RHSA-2020:5408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1804", "reference_id": "RHSA-2021:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1804" }, { "reference_url": "https://usn.ubuntu.com/4656-1/", "reference_id": "USN-4656-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4656-1/" }, { "reference_url": "https://usn.ubuntu.com/4656-2/", "reference_id": "USN-4656-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4656-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-25712" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-713b-xwq2-7ych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106698?format=api", "vulnerability_id": "VCID-a2n5-8wwp-87hw", "summary": "A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14362.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14362.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14362", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46046", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46114", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46116", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869144", "reference_id": "1869144", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869144" }, { "reference_url": "https://security.gentoo.org/glsa/202012-01", "reference_id": "GLSA-202012-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4910", "reference_id": "RHSA-2020:4910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4953", "reference_id": "RHSA-2020:4953", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4953" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1804", "reference_id": "RHSA-2021:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1804" }, { "reference_url": "https://usn.ubuntu.com/4488-1/", "reference_id": "USN-4488-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4488-1/" }, { "reference_url": "https://usn.ubuntu.com/4488-2/", "reference_id": "USN-4488-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4488-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-14362" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a2n5-8wwp-87hw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106693?format=api", "vulnerability_id": "VCID-ej11-bqxf-7qas", "summary": "A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14345.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14345.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14345", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27491", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27557", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27506", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862241", "reference_id": "1862241", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862241" }, { "reference_url": "https://security.gentoo.org/glsa/202012-01", "reference_id": "GLSA-202012-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4910", "reference_id": "RHSA-2020:4910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4953", "reference_id": "RHSA-2020:4953", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4953" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1804", "reference_id": "RHSA-2021:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1804" }, { "reference_url": "https://usn.ubuntu.com/4488-2/", "reference_id": "USN-4488-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4488-2/" }, { "reference_url": "https://usn.ubuntu.com/4490-1/", "reference_id": "USN-4490-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4490-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-14345" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ej11-bqxf-7qas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106696?format=api", "vulnerability_id": "VCID-fm63-7bke-rbe2", "summary": "A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14360.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14360.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3308", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33182", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33196", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25712" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869139", "reference_id": "1869139", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869139" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976216", "reference_id": "976216", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976216" }, { "reference_url": "https://security.archlinux.org/ASA-202012-6", "reference_id": "ASA-202012-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202012-6" }, { "reference_url": "https://security.archlinux.org/AVG-1310", "reference_id": "AVG-1310", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1310" }, { "reference_url": "https://security.gentoo.org/glsa/202012-01", "reference_id": "GLSA-202012-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5408", "reference_id": "RHSA-2020:5408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1804", "reference_id": "RHSA-2021:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1804" }, { "reference_url": "https://usn.ubuntu.com/4656-1/", "reference_id": "USN-4656-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4656-1/" }, { "reference_url": "https://usn.ubuntu.com/4656-2/", "reference_id": "USN-4656-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4656-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-14360" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fm63-7bke-rbe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106695?format=api", "vulnerability_id": "VCID-hzef-8edc-hyev", "summary": "A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14347.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14347.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14347", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26971", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27068", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2706", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862258", "reference_id": "1862258", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862258" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968986", "reference_id": "968986", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968986" }, { "reference_url": "https://security.archlinux.org/AVG-1211", "reference_id": "AVG-1211", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1211" }, { "reference_url": "https://security.gentoo.org/glsa/202012-01", "reference_id": "GLSA-202012-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5408", "reference_id": "RHSA-2020:5408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1804", "reference_id": "RHSA-2021:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1804" }, { "reference_url": "https://usn.ubuntu.com/4488-1/", "reference_id": "USN-4488-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4488-1/" }, { "reference_url": "https://usn.ubuntu.com/4488-2/", "reference_id": "USN-4488-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4488-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-14347" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hzef-8edc-hyev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106697?format=api", "vulnerability_id": "VCID-jrks-xpht-eycq", "summary": "A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14361.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14361.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14361", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46046", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46114", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46116", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869142", "reference_id": "1869142", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869142" }, { "reference_url": "https://security.gentoo.org/glsa/202012-01", "reference_id": "GLSA-202012-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4910", "reference_id": "RHSA-2020:4910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4953", "reference_id": "RHSA-2020:4953", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4953" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1804", "reference_id": "RHSA-2021:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1804" }, { "reference_url": "https://usn.ubuntu.com/4488-1/", "reference_id": "USN-4488-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4488-1/" }, { "reference_url": "https://usn.ubuntu.com/4488-2/", "reference_id": "USN-4488-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4488-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-14361" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jrks-xpht-eycq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77836?format=api", "vulnerability_id": "VCID-mvfu-znny-6ffx", "summary": "An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14363.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14363.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14363", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35193", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.353", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3531", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14363" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1872473", "reference_id": "1872473", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1872473" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969008", "reference_id": "969008", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969008" }, { "reference_url": "https://security.gentoo.org/glsa/202008-18", "reference_id": "GLSA-202008-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4908", "reference_id": "RHSA-2020:4908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4946", "reference_id": "RHSA-2020:4946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1804", "reference_id": "RHSA-2021:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1804" }, { "reference_url": "https://usn.ubuntu.com/4487-1/", "reference_id": "USN-4487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4487-1/" }, { "reference_url": "https://usn.ubuntu.com/4487-2/", "reference_id": "USN-4487-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4487-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-14363" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mvfu-znny-6ffx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106694?format=api", "vulnerability_id": "VCID-rqjp-d3mr-ykdx", "summary": "A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14346.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14346.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14346", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.35814", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3591", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3592", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862246", "reference_id": "1862246", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862246" }, { "reference_url": "https://security.gentoo.org/glsa/202012-01", "reference_id": "GLSA-202012-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4910", "reference_id": "RHSA-2020:4910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4953", "reference_id": "RHSA-2020:4953", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4953" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1804", "reference_id": "RHSA-2021:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1804" }, { "reference_url": "https://usn.ubuntu.com/4488-1/", "reference_id": "USN-4488-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4488-1/" }, { "reference_url": "https://usn.ubuntu.com/4488-2/", "reference_id": "USN-4488-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4488-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-14346" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rqjp-d3mr-ykdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5847?format=api", "vulnerability_id": "VCID-y6zb-yxr1-5khh", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14344.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14344.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36801", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36893", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36899", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14344" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862255", "reference_id": "1862255", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862255" }, { "reference_url": "https://security.archlinux.org/AVG-1212", "reference_id": "AVG-1212", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1212" }, { "reference_url": "https://security.gentoo.org/glsa/202008-18", "reference_id": "GLSA-202008-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1804", "reference_id": "RHSA-2021:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1804" }, { "reference_url": "https://usn.ubuntu.com/4487-1/", "reference_id": "USN-4487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4487-1/" }, { "reference_url": "https://usn.ubuntu.com/4487-2/", "reference_id": "USN-4487-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4487-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2020-14344" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y6zb-yxr1-5khh" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libX11@1.6.8-4%3Farch=el8" }