Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/326762?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "type": "apk", "namespace": "alpine", "name": "qt6-qtwebengine", "version": "6.7.2-r6", "qualifiers": { "arch": "riscv64", "distroversion": "v3.23", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "6.8.2-r3", "latest_non_vulnerable_version": "6.10.3-r3", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63826?format=api", "vulnerability_id": "VCID-231c-8c2j-3fhb", "summary": "Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10231", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44527", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10231" }, { "reference_url": "https://issues.chromium.org/issues/372269618", "reference_id": "372269618", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-23T14:26:07Z/" } ], "url": "https://issues.chromium.org/issues/372269618" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html", "reference_id": "stable-channel-update-for-desktop_22.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-23T14:26:07Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2024-10231" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-231c-8c2j-3fhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63828?format=api", "vulnerability_id": "VCID-54p4-3xkt-qbev", "summary": "Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10487", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53528", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10487" }, { "reference_url": "https://issues.chromium.org/issues/375123371", "reference_id": "375123371", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-31T03:55:21Z/" } ], "url": "https://issues.chromium.org/issues/375123371" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html", "reference_id": "stable-channel-update-for-desktop_29.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-31T03:55:21Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2024-10487" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-54p4-3xkt-qbev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67076?format=api", "vulnerability_id": "VCID-ax2q-63fe-fqes", "summary": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45491.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45491.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01143", "scoring_system": "epss", "scoring_elements": "0.78801", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080150", "reference_id": "1080150", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080150" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308616", "reference_id": "2308616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308616" }, { "reference_url": "https://github.com/libexpat/libexpat/issues/888", "reference_id": "888", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T13:53:48Z/" } ], "url": "https://github.com/libexpat/libexpat/issues/888" }, { "reference_url": "https://github.com/libexpat/libexpat/pull/891", "reference_id": "891", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T13:53:48Z/" } ], "url": "https://github.com/libexpat/libexpat/pull/891" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6754", "reference_id": "RHSA-2024:6754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6989", "reference_id": "RHSA-2024:6989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7599", "reference_id": "RHSA-2024:7599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8859", "reference_id": "RHSA-2024:8859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8859" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9610", "reference_id": "RHSA-2024:9610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9610" }, { "reference_url": "https://usn.ubuntu.com/7000-1/", "reference_id": "USN-7000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7000-1/" }, { "reference_url": "https://usn.ubuntu.com/7000-2/", "reference_id": "USN-7000-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7000-2/" }, { "reference_url": "https://usn.ubuntu.com/7001-1/", "reference_id": "USN-7001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7001-1/" }, { "reference_url": "https://usn.ubuntu.com/7001-2/", "reference_id": "USN-7001-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7001-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2024-45491" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ax2q-63fe-fqes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64269?format=api", "vulnerability_id": "VCID-cfp1-xh5t-rbaa", "summary": "Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9965", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.82903", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9965" }, { "reference_url": "https://issues.chromium.org/issues/352651673", "reference_id": "352651673", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-25T18:32:02Z/" } ], "url": "https://issues.chromium.org/issues/352651673" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-25T18:32:02Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2024-9965" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cfp1-xh5t-rbaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64253?format=api", "vulnerability_id": "VCID-ezts-1p5y-4fdv", "summary": "Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9369", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34203", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9369" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9369" }, { "reference_url": "https://issues.chromium.org/issues/368208152", "reference_id": "368208152", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T18:42:50Z/" } ], "url": "https://issues.chromium.org/issues/368208152" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T18:42:50Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2024-9369" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ezts-1p5y-4fdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64255?format=api", "vulnerability_id": "VCID-f6mg-55sw-1yeg", "summary": "Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.62289", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9602" }, { "reference_url": "https://issues.chromium.org/issues/368241697", "reference_id": "368241697", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-09T16:11:31Z/" } ], "url": "https://issues.chromium.org/issues/368241697" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_8.html", "reference_id": "stable-channel-update-for-desktop_8.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-09T16:11:31Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_8.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2024-9602" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f6mg-55sw-1yeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63854?format=api", "vulnerability_id": "VCID-rs1v-u9ub-pyf9", "summary": "Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10827", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00839", "scoring_system": "epss", "scoring_elements": "0.75088", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10827" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10827", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10827" }, { "reference_url": "https://issues.chromium.org/issues/375065084", "reference_id": "375065084", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T17:04:09Z/" } ], "url": "https://issues.chromium.org/issues/375065084" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T17:04:09Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2024-10827" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rs1v-u9ub-pyf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64250?format=api", "vulnerability_id": "VCID-w8fx-ep5t-tfcz", "summary": "Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15009", "scoring_system": "epss", "scoring_elements": "0.94702", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9122" }, { "reference_url": "https://issues.chromium.org/issues/365802567", "reference_id": "365802567", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T16:24:14Z/" } ], "url": "https://issues.chromium.org/issues/365802567" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T16:24:14Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2024-9122" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w8fx-ep5t-tfcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63824?format=api", "vulnerability_id": "VCID-xnvx-sc5k-xbbh", "summary": "Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10229", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17542", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10229" }, { "reference_url": "https://issues.chromium.org/issues/371011220", "reference_id": "371011220", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-23T14:37:18Z/" } ], "url": "https://issues.chromium.org/issues/371011220" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html", "reference_id": "stable-channel-update-for-desktop_22.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-23T14:37:18Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2024-10229" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xnvx-sc5k-xbbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64248?format=api", "vulnerability_id": "VCID-yeqy-h2x6-bfa7", "summary": "Use after free in Dawn in Google Chrome on Windows prior to 129.0.6668.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45529", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9120" }, { "reference_url": "https://issues.chromium.org/issues/365254285", "reference_id": "365254285", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T16:25:39Z/" } ], "url": "https://issues.chromium.org/issues/365254285" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T16:25:39Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/326762?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" } ], "aliases": [ "CVE-2024-9120" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yeqy-h2x6-bfa7" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.7.2-r6%3Farch=riscv64&distroversion=v3.23&reponame=community" }