Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/35013?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/35013?format=api", "purl": "pkg:deb/debian/cloud-init@22.4.2-1%2Bdeb12u3?distro=trixie", "type": "deb", "namespace": "debian", "name": "cloud-init", "version": "22.4.2-1+deb12u3", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "23.2-1", "latest_non_vulnerable_version": "26.1-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15003?format=api", "vulnerability_id": "VCID-m59c-mwrh-1ubc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1786.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1786.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1786", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12619", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12607", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12627", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12526", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1786" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035023", "reference_id": "1035023", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035023" }, { "reference_url": "https://bugs.launchpad.net/cloud-init/+bug/2013967", "reference_id": "2013967", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T19:16:40Z/" } ], "url": "https://bugs.launchpad.net/cloud-init/+bug/2013967" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190079", "reference_id": "2190079", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190079" }, { "reference_url": "https://github.com/canonical/cloud-init/commit/a378b7e4f47375458651c0972e7cd813f6fe0a6b", "reference_id": "a378b7e4f47375458651c0972e7cd813f6fe0a6b", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T19:16:40Z/" } ], "url": "https://github.com/canonical/cloud-init/commit/a378b7e4f47375458651c0972e7cd813f6fe0a6b" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ATBJSXPL2IOAD2LDQRKWPLIC7QXS44GZ/", "reference_id": "ATBJSXPL2IOAD2LDQRKWPLIC7QXS44GZ", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T19:16:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ATBJSXPL2IOAD2LDQRKWPLIC7QXS44GZ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6371", "reference_id": "RHSA-2023:6371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6943", "reference_id": "RHSA-2023:6943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6943" }, { "reference_url": "https://ubuntu.com/security/notices/USN-6042-1", "reference_id": "USN-6042-1", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-31T19:16:40Z/" } ], "url": "https://ubuntu.com/security/notices/USN-6042-1" }, { "reference_url": "https://usn.ubuntu.com/6042-1/", "reference_id": "USN-6042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35032?format=api", "purl": "pkg:deb/debian/cloud-init@23.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@23.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35017?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35016?format=api", "purl": "pkg:deb/debian/cloud-init@26.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@26.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-1786" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m59c-mwrh-1ubc" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22240?format=api", "vulnerability_id": "VCID-3fky-96nx-g3fm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6174.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6174.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6174", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32239", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32058", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32243", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3226", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6174" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6174", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6174" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108403", "reference_id": "1108403", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108403" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374924", "reference_id": "2374924", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374924" }, { "reference_url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3", "reference_id": "25.1.3", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T13:29:27Z/" } ], "url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10844", "reference_id": "RHSA-2025:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10848", "reference_id": "RHSA-2025:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10876", "reference_id": "RHSA-2025:10876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10879", "reference_id": "RHSA-2025:10879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11295", "reference_id": "RHSA-2025:11295", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11295" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11324", "reference_id": "RHSA-2025:11324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11337", "reference_id": "RHSA-2025:11337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11339", "reference_id": "RHSA-2025:11339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11339" }, { "reference_url": "https://usn.ubuntu.com/7677-1/", "reference_id": "USN-7677-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7677-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35013?format=api", "purl": "pkg:deb/debian/cloud-init@22.4.2-1%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@22.4.2-1%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35035?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35017?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35016?format=api", "purl": "pkg:deb/debian/cloud-init@26.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@26.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6174" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3fky-96nx-g3fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8819?format=api", "vulnerability_id": "VCID-7pw5-xy56-vkfm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8632.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26747", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26948", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26962", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26946", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8632" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798728", "reference_id": "1798728", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798728" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951363", "reference_id": "951363", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3898", "reference_id": "RHSA-2020:3898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4650", "reference_id": "RHSA-2020:4650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4650" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35021?format=api", "purl": "pkg:deb/debian/cloud-init@19.4-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@19.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35015?format=api", "purl": "pkg:deb/debian/cloud-init@20.4.1-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fky-96nx-g3fm" }, { "vulnerability": "VCID-j6r1-k6fp-e7e2" }, { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@20.4.1-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35013?format=api", "purl": "pkg:deb/debian/cloud-init@22.4.2-1%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@22.4.2-1%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35017?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35016?format=api", "purl": "pkg:deb/debian/cloud-init@26.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@26.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8632" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7pw5-xy56-vkfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8818?format=api", "vulnerability_id": "VCID-8ps7-bhf4-6kgv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8631.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29433", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29635", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29652", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29637", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798731", "reference_id": "1798731", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798731" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951362", "reference_id": "951362", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951362" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3898", "reference_id": "RHSA-2020:3898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4650", "reference_id": "RHSA-2020:4650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4650" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35021?format=api", "purl": "pkg:deb/debian/cloud-init@19.4-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@19.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35015?format=api", "purl": "pkg:deb/debian/cloud-init@20.4.1-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fky-96nx-g3fm" }, { "vulnerability": "VCID-j6r1-k6fp-e7e2" }, { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@20.4.1-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35013?format=api", "purl": "pkg:deb/debian/cloud-init@22.4.2-1%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@22.4.2-1%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35017?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35016?format=api", "purl": "pkg:deb/debian/cloud-init@26.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@26.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-8631" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ps7-bhf4-6kgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/206530?format=api", "vulnerability_id": "VCID-b39w-8qhv-8qg4", "summary": "A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0816.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0816.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0816", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27553", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27755", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27781", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27771", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0816" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1680165", "reference_id": "1680165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1680165" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926043", "reference_id": "926043", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0597", "reference_id": "RHSA-2019:0597", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0597" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35020?format=api", "purl": "pkg:deb/debian/cloud-init@18.3-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@18.3-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35015?format=api", "purl": "pkg:deb/debian/cloud-init@20.4.1-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fky-96nx-g3fm" }, { "vulnerability": "VCID-j6r1-k6fp-e7e2" }, { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@20.4.1-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35013?format=api", "purl": "pkg:deb/debian/cloud-init@22.4.2-1%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@22.4.2-1%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35017?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35016?format=api", "purl": "pkg:deb/debian/cloud-init@26.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@26.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-0816" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b39w-8qhv-8qg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/174245?format=api", "vulnerability_id": "VCID-h3b2-c9uf-6ya9", "summary": "Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2084.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2084.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2084", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07772", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07747", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07783", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07777", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2084" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014247", "reference_id": "1014247", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014247" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188198", "reference_id": "2188198", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188198" }, { "reference_url": "https://github.com/canonical/cloud-init/commit/4d467b14363d800b2185b89790d57871f11ea88c", "reference_id": "4d467b14363d800b2185b89790d57871f11ea88c", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:41:29Z/" } ], "url": "https://github.com/canonical/cloud-init/commit/4d467b14363d800b2185b89790d57871f11ea88c" }, { "reference_url": "https://ubuntu.com/security/notices/USN-5496-1", "reference_id": "USN-5496-1", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:41:29Z/" } ], "url": "https://ubuntu.com/security/notices/USN-5496-1" }, { "reference_url": "https://usn.ubuntu.com/5496-1/", "reference_id": "USN-5496-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5496-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35026?format=api", "purl": "pkg:deb/debian/cloud-init@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35015?format=api", "purl": "pkg:deb/debian/cloud-init@20.4.1-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fky-96nx-g3fm" }, { "vulnerability": "VCID-j6r1-k6fp-e7e2" }, { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@20.4.1-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35025?format=api", "purl": "pkg:deb/debian/cloud-init@22.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@22.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35013?format=api", "purl": "pkg:deb/debian/cloud-init@22.4.2-1%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@22.4.2-1%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35017?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35016?format=api", "purl": "pkg:deb/debian/cloud-init@26.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@26.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-2084" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h3b2-c9uf-6ya9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18066?format=api", "vulnerability_id": "VCID-j6r1-k6fp-e7e2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11584.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11584.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11584", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27419", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27215", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27416", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27437", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11584" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11584", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11584" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108402", "reference_id": "1108402", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108402" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374926", "reference_id": "2374926", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374926" }, { "reference_url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3", "reference_id": "25.1.3", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T13:00:38Z/" } ], "url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3" }, { "reference_url": "https://github.com/canonical/cloud-init/pull/6265/commits/6e10240a7f0a2d6110b398640b3fd46cfa9a7cf3", "reference_id": "6e10240a7f0a2d6110b398640b3fd46cfa9a7cf3", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T13:00:38Z/" } ], "url": "https://github.com/canonical/cloud-init/pull/6265/commits/6e10240a7f0a2d6110b398640b3fd46cfa9a7cf3" }, { "reference_url": "https://usn.ubuntu.com/7677-1/", "reference_id": "USN-7677-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7677-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35013?format=api", "purl": "pkg:deb/debian/cloud-init@22.4.2-1%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@22.4.2-1%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35035?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35017?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35016?format=api", "purl": "pkg:deb/debian/cloud-init@26.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@26.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-11584" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6r1-k6fp-e7e2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/202609?format=api", "vulnerability_id": "VCID-ppjw-ggst-3qas", "summary": "An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6639.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6639.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6639", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01139", "scoring_system": "epss", "scoring_elements": "0.78819", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01139", "scoring_system": "epss", "scoring_elements": "0.78885", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01139", "scoring_system": "epss", "scoring_elements": "0.78901", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01139", "scoring_system": "epss", "scoring_elements": "0.78898", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6639" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6639", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6639" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1073591", "reference_id": "1073591", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1073591" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35014?format=api", "purl": "pkg:deb/debian/cloud-init@0.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@0.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35015?format=api", "purl": "pkg:deb/debian/cloud-init@20.4.1-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fky-96nx-g3fm" }, { "vulnerability": "VCID-j6r1-k6fp-e7e2" }, { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@20.4.1-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35013?format=api", "purl": "pkg:deb/debian/cloud-init@22.4.2-1%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@22.4.2-1%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35017?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35016?format=api", "purl": "pkg:deb/debian/cloud-init@26.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@26.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-6639" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ppjw-ggst-3qas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9646?format=api", "vulnerability_id": "VCID-tjvd-1dh1-kqae", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3429.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3429.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19426", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1926", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19429", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19449", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3429" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3429", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3429" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940967", "reference_id": "1940967", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940967" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985540", "reference_id": "985540", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985540" }, { "reference_url": "https://github.com/canonical/cloud-init/commit/b794d426b9ab43ea9d6371477466070d86e10668", "reference_id": "b794d426b9ab43ea9d6371477466070d86e10668", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T14:43:36Z/" } ], "url": "https://github.com/canonical/cloud-init/commit/b794d426b9ab43ea9d6371477466070d86e10668" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3081", "reference_id": "RHSA-2021:3081", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3081" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3177", "reference_id": "RHSA-2021:3177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3371", "reference_id": "RHSA-2021:3371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3371" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35023?format=api", "purl": "pkg:deb/debian/cloud-init@20.4.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@20.4.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35015?format=api", "purl": "pkg:deb/debian/cloud-init@20.4.1-2%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3fky-96nx-g3fm" }, { "vulnerability": "VCID-j6r1-k6fp-e7e2" }, { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@20.4.1-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35013?format=api", "purl": "pkg:deb/debian/cloud-init@22.4.2-1%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-m59c-mwrh-1ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@22.4.2-1%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35017?format=api", "purl": "pkg:deb/debian/cloud-init@25.1.4-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@25.1.4-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35016?format=api", "purl": "pkg:deb/debian/cloud-init@26.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@26.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-3429" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tjvd-1dh1-kqae" } ], "risk_score": "2.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cloud-init@22.4.2-1%252Bdeb12u3%3Fdistro=trixie" }