Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/376133?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "type": "apk", "namespace": "alpine", "name": "qt6-qtwebengine", "version": "6.8.2-r3", "qualifiers": { "arch": "x86_64", "distroversion": "v3.22", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "6.8.2-r4", "latest_non_vulnerable_version": "6.8.3-r6", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266558?format=api", "vulnerability_id": "VCID-2tvv-jrqv-hyg4", "summary": "Rejected reason: Not exploitable", "references": [], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0998" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2tvv-jrqv-hyg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47273?format=api", "vulnerability_id": "VCID-4dke-ryut-ebhg", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0436", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.6639", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66399", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66385", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66354", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66319", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66317", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66364", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66378", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0436" }, { "reference_url": "https://issues.chromium.org/issues/382786791", "reference_id": "382786791", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:49:46Z/" } ], "url": "https://issues.chromium.org/issues/382786791" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:49:46Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0436" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4dke-ryut-ebhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47285?format=api", "vulnerability_id": "VCID-5wu4-dfd3-wkh2", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.59034", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.59036", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.59018", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.58999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.58971", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.58993", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.58959", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.59011", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.59017", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0762" }, { "reference_url": "https://issues.chromium.org/issues/384844003", "reference_id": "384844003", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-29T14:20:02Z/" } ], "url": "https://issues.chromium.org/issues/384844003" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-29T14:20:02Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0762" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5wu4-dfd3-wkh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96629?format=api", "vulnerability_id": "VCID-6fhm-q7k7-n3dw", "summary": "Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3071", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.106", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10793", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1076", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10736", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10731", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10795", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10645", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10722", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10778", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3071" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3071", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3071" }, { "reference_url": "https://issues.chromium.org/issues/40051596", "reference_id": "40051596", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T20:23:07Z/" } ], "url": "https://issues.chromium.org/issues/40051596" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T20:23:07Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-3071" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6fhm-q7k7-n3dw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96503?format=api", "vulnerability_id": "VCID-8h6y-rjqd-nydy", "summary": "Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06277", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06339", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19401", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24621", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24811", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24691", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24738", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24751", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24849", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1915" }, { "reference_url": "https://issues.chromium.org/issues/391114799", "reference_id": "391114799", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:23Z/" } ], "url": "https://issues.chromium.org/issues/391114799" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:23Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-1915" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8h6y-rjqd-nydy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61843?format=api", "vulnerability_id": "VCID-azef-hxum-z3eb", "summary": "Multiple vulnerabilities have been discovered in WebKitGTK+, the worst of which can lead to execution of arbitary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24201.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24201.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24201", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23755", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23536", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24902", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24922", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24969", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24983", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24943", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24888", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27125", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24201" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24201", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24201" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/en-us/122281", "reference_id": "122281", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/" } ], "url": "https://support.apple.com/en-us/122281" }, { "reference_url": "https://support.apple.com/en-us/122283", "reference_id": "122283", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/" } ], "url": "https://support.apple.com/en-us/122283" }, { "reference_url": "https://support.apple.com/en-us/122284", "reference_id": "122284", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/" } ], "url": "https://support.apple.com/en-us/122284" }, { "reference_url": "https://support.apple.com/en-us/122285", "reference_id": "122285", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/" } ], "url": "https://support.apple.com/en-us/122285" }, { "reference_url": "https://support.apple.com/en-us/122345", "reference_id": "122345", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/" } ], "url": "https://support.apple.com/en-us/122345" }, { "reference_url": "https://support.apple.com/en-us/122346", "reference_id": "122346", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/" } ], "url": "https://support.apple.com/en-us/122346" }, { "reference_url": "https://support.apple.com/en-us/122372", "reference_id": "122372", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/" } ], "url": "https://support.apple.com/en-us/122372" }, { "reference_url": "https://support.apple.com/en-us/122376", "reference_id": "122376", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Act", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-11-12T14:31:38Z/" } ], "url": "https://support.apple.com/en-us/122376" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351802", "reference_id": "2351802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351802" }, { "reference_url": "https://security.gentoo.org/glsa/202511-02", "reference_id": "GLSA-202511-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10364", "reference_id": "RHSA-2025:10364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2863", "reference_id": "RHSA-2025:2863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2864", "reference_id": "RHSA-2025:2864", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2997", "reference_id": "RHSA-2025:2997", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2998", "reference_id": "RHSA-2025:2998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3000", "reference_id": "RHSA-2025:3000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3001", "reference_id": "RHSA-2025:3001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3002", "reference_id": "RHSA-2025:3002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3005", "reference_id": "RHSA-2025:3005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3034", "reference_id": "RHSA-2025:3034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3034" }, { "reference_url": "https://usn.ubuntu.com/7395-1/", "reference_id": "USN-7395-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7395-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-24201" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-azef-hxum-z3eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47283?format=api", "vulnerability_id": "VCID-bem9-ezts-n3b2", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70415", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70387", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70372", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.7034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70318", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70363", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70378", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0447" }, { "reference_url": "https://issues.chromium.org/issues/375550814", "reference_id": "375550814", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:26:16Z/" } ], "url": "https://issues.chromium.org/issues/375550814" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:26:16Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0447" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bem9-ezts-n3b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/253918?format=api", "vulnerability_id": "VCID-bzcx-rxg3-aygs", "summary": "7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11477", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38072", "scoring_system": "epss", "scoring_elements": "0.97213", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.38072", "scoring_system": "epss", "scoring_elements": "0.97217", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.38072", "scoring_system": "epss", "scoring_elements": "0.97216", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.38072", "scoring_system": "epss", "scoring_elements": "0.97195", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.38072", "scoring_system": "epss", "scoring_elements": "0.97201", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.38072", "scoring_system": "epss", "scoring_elements": "0.97202", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.38072", "scoring_system": "epss", "scoring_elements": "0.97211", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.43636", "scoring_system": "epss", "scoring_elements": "0.97529", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.43636", "scoring_system": "epss", "scoring_elements": "0.97521", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11477" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1532/", "reference_id": "ZDI-24-1532", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-30T04:55:53Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1532/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2024-11477" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bzcx-rxg3-aygs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96506?format=api", "vulnerability_id": "VCID-c4ah-r5g9-rkbw", "summary": "Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29648", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29469", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29532", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29571", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29573", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35894", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54886", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54924", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1918" }, { "reference_url": "https://issues.chromium.org/issues/388557904", "reference_id": "388557904", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:12Z/" } ], "url": "https://issues.chromium.org/issues/388557904" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:12Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-1918" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ah-r5g9-rkbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96508?format=api", "vulnerability_id": "VCID-crkt-7ueh-dbau", "summary": "Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about a peripheral via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26517", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26562", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26412", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26462", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32002", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32036", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36099", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1921" }, { "reference_url": "https://issues.chromium.org/issues/387583503", "reference_id": "387583503", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T14:23:59Z/" } ], "url": "https://issues.chromium.org/issues/387583503" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T14:23:59Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-1921" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-crkt-7ueh-dbau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47281?format=api", "vulnerability_id": "VCID-cw13-y3s5-d7cg", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70415", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70387", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70372", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.7034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70318", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70363", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70378", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0443" }, { "reference_url": "https://issues.chromium.org/issues/376625003", "reference_id": "376625003", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:30:28Z/" } ], "url": "https://issues.chromium.org/issues/376625003" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:30:28Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0443" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cw13-y3s5-d7cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47266?format=api", "vulnerability_id": "VCID-dvuw-89yr-h7hc", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85284", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85255", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85269", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85267", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85264", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85204", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85222", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85224", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85246", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12693" }, { "reference_url": "https://issues.chromium.org/issues/382190919", "reference_id": "382190919", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:44Z/" } ], "url": "https://issues.chromium.org/issues/382190919" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:44Z/" } ], "url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2024-12693" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dvuw-89yr-h7hc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96663?format=api", "vulnerability_id": "VCID-gdn6-smyz-j3fm", "summary": "Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31107", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31163", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31119", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31075", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31209", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31251", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31072", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31125", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31155", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3619" }, { "reference_url": "https://issues.chromium.org/issues/409619251", "reference_id": "409619251", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T13:38:46Z/" } ], "url": "https://issues.chromium.org/issues/409619251" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T13:38:46Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-3619" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gdn6-smyz-j3fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96416?format=api", "vulnerability_id": "VCID-h5kz-vcq9-1bgh", "summary": "Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0611", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70143", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.7012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70167", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70183", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70469", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70511", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01092", "scoring_system": "epss", "scoring_elements": "0.7797", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01092", "scoring_system": "epss", "scoring_elements": "0.77954", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0611" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0611", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0611" }, { "reference_url": "https://issues.chromium.org/issues/386143468", "reference_id": "386143468", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-22T20:02:12Z/" } ], "url": "https://issues.chromium.org/issues/386143468" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html", "reference_id": "stable-channel-update-for-desktop_22.html", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-22T20:02:12Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0611" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5kz-vcq9-1bgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47289?format=api", "vulnerability_id": "VCID-j9bt-u7v1-mkgt", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2136", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43125", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43115", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43081", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43066", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.4306", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43088", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43027", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.4308", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43092", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2136" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2136", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2136" }, { "reference_url": "https://issues.chromium.org/issues/395032416", "reference_id": "395032416", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:34Z/" } ], "url": "https://issues.chromium.org/issues/395032416" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:34Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-2136" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j9bt-u7v1-mkgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70781?format=api", "vulnerability_id": "VCID-jaep-1ut3-9qan", "summary": "libxslt: Use-After-Free in libxslt numbers.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24855", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15187", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15377", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15337", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15272", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15473", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15277", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15365", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15415", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24855" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566", "reference_id": "1100566", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352483", "reference_id": "2352483", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3107", "reference_id": "RHSA-2025:3107", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3107" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3389", "reference_id": "RHSA-2025:3389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3528", "reference_id": "RHSA-2025:3528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3615", "reference_id": "RHSA-2025:3615", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3615" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3619", "reference_id": "RHSA-2025:3619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3624", "reference_id": "RHSA-2025:3624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3625", "reference_id": "RHSA-2025:3625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3626", "reference_id": "RHSA-2025:3626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3627", "reference_id": "RHSA-2025:3627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4098", "reference_id": "RHSA-2025:4098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4422", "reference_id": "RHSA-2025:4422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4427", "reference_id": "RHSA-2025:4427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4431", "reference_id": "RHSA-2025:4431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4677", "reference_id": "RHSA-2025:4677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4731", "reference_id": "RHSA-2025:4731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7496", "reference_id": "RHSA-2025:7496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7702", "reference_id": "RHSA-2025:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8303", "reference_id": "RHSA-2025:8303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8303" }, { "reference_url": "https://usn.ubuntu.com/7361-1/", "reference_id": "USN-7361-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7361-1/" }, { "reference_url": "https://usn.ubuntu.com/7787-1/", "reference_id": "USN-7787-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7787-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-24855" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jaep-1ut3-9qan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96481?format=api", "vulnerability_id": "VCID-mhfc-jc5n-gfbu", "summary": "Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60167", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.6016", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60146", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60128", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60081", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60106", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60075", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60125", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60139", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1426" }, { "reference_url": "https://issues.chromium.org/issues/383465163", "reference_id": "383465163", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:08:33Z/" } ], "url": "https://issues.chromium.org/issues/383465163" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:08:33Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-1426" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhfc-jc5n-gfbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96426?format=api", "vulnerability_id": "VCID-rmeb-2jks-muh5", "summary": "Use after free in Network in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted web app. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.5602", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56022", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56001", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55984", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55957", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55979", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56011", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1006" }, { "reference_url": "https://issues.chromium.org/issues/390590778", "reference_id": "390590778", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:09:20Z/" } ], "url": "https://issues.chromium.org/issues/390590778" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:09:20Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-1006" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rmeb-2jks-muh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96507?format=api", "vulnerability_id": "VCID-sbba-7wah-s3dm", "summary": "Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29648", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29469", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29532", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29571", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29573", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35894", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54886", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54924", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1919" }, { "reference_url": "https://issues.chromium.org/issues/392375312", "reference_id": "392375312", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:13Z/" } ], "url": "https://issues.chromium.org/issues/392375312" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:13Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-1919" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sbba-7wah-s3dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47267?format=api", "vulnerability_id": "VCID-tt6y-5hu2-xfcj", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66798", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.6681", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66825", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66845", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66831", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66763", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66761", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12694" }, { "reference_url": "https://issues.chromium.org/issues/368222741", "reference_id": "368222741", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:46Z/" } ], "url": "https://issues.chromium.org/issues/368222741" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:46Z/" } ], "url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2024-12694" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt6y-5hu2-xfcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47274?format=api", "vulnerability_id": "VCID-u7nr-jpbg-hbbc", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0437", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20028", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2015", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20105", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20047", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20212", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20269", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19994", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20131", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0437" }, { "reference_url": "https://issues.chromium.org/issues/378623799", "reference_id": "378623799", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:35Z/" } ], "url": "https://issues.chromium.org/issues/378623799" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:35Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0437" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7nr-jpbg-hbbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47275?format=api", "vulnerability_id": "VCID-vnvz-a9hv-8bee", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0438", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58025", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58037", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58015", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57995", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57968", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57963", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58018", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5802", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0438" }, { "reference_url": "https://issues.chromium.org/issues/384186539", "reference_id": "384186539", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:45:34Z/" } ], "url": "https://issues.chromium.org/issues/384186539" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:45:34Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0438" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnvz-a9hv-8bee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47279?format=api", "vulnerability_id": "VCID-yj1b-bysp-b7h1", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22886", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22966", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22929", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22872", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22985", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23028", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22895", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22947", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0441" }, { "reference_url": "https://issues.chromium.org/issues/368628042", "reference_id": "368628042", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:36:52Z/" } ], "url": "https://issues.chromium.org/issues/368628042" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:36:52Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0441" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yj1b-bysp-b7h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70782?format=api", "vulnerability_id": "VCID-z7hh-qpzy-c7b2", "summary": "libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-55549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15569", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15455", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15368", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15498", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15811", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15992", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15954", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15886", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16014", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-55549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565", "reference_id": "1100565", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352484", "reference_id": "2352484", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3613", "reference_id": "RHSA-2025:3613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3614", "reference_id": "RHSA-2025:3614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3615", "reference_id": "RHSA-2025:3615", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3615" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3619", "reference_id": "RHSA-2025:3619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3624", "reference_id": "RHSA-2025:3624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3625", "reference_id": "RHSA-2025:3625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3626", "reference_id": "RHSA-2025:3626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3627", "reference_id": "RHSA-2025:3627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4025", "reference_id": "RHSA-2025:4025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4098", "reference_id": "RHSA-2025:4098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4422", "reference_id": "RHSA-2025:4422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4427", "reference_id": "RHSA-2025:4427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4431", "reference_id": "RHSA-2025:4431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4677", "reference_id": "RHSA-2025:4677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4731", "reference_id": "RHSA-2025:4731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7410", "reference_id": "RHSA-2025:7410", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7496", "reference_id": "RHSA-2025:7496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7702", "reference_id": "RHSA-2025:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8303", "reference_id": "RHSA-2025:8303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8303" }, { "reference_url": "https://usn.ubuntu.com/7357-1/", "reference_id": "USN-7357-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7357-1/" }, { "reference_url": "https://usn.ubuntu.com/7787-1/", "reference_id": "USN-7787-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7787-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2024-55549" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7hh-qpzy-c7b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70759?format=api", "vulnerability_id": "VCID-zjtf-w6bv-dbfe", "summary": "mojo: chromium: chromium Mojo on Windows", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2783.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2783.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2783", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39478", "scoring_system": "epss", "scoring_elements": "0.97308", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.39478", "scoring_system": "epss", "scoring_elements": "0.97294", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.39478", "scoring_system": "epss", "scoring_elements": "0.97295", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.39478", "scoring_system": "epss", "scoring_elements": "0.97298", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.39478", "scoring_system": "epss", "scoring_elements": "0.97299", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.39478", "scoring_system": "epss", "scoring_elements": "0.97282", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.39478", "scoring_system": "epss", "scoring_elements": "0.97287", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.39478", "scoring_system": "epss", "scoring_elements": "0.97288", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2783" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355557", "reference_id": "2355557", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355557" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/webapps/52403.txt", "reference_id": "CVE-2025-2783", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/webapps/52403.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-2783" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zjtf-w6bv-dbfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96423?format=api", "vulnerability_id": "VCID-zr38-fv5c-jkfy", "summary": "Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0996", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25283", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25372", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.2533", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25277", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25439", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25474", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25247", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25316", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.2536", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0996" }, { "reference_url": "https://issues.chromium.org/issues/391788835", "reference_id": "391788835", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T17:17:20Z/" } ], "url": "https://issues.chromium.org/issues/391788835" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T17:17:20Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0996" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zr38-fv5c-jkfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96425?format=api", "vulnerability_id": "VCID-zr5w-q9zh-nqbm", "summary": "Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.7241", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72398", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72381", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72369", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72329", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72324", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72375", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0999" }, { "reference_url": "https://issues.chromium.org/issues/394350433", "reference_id": "394350433", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:05:30Z/" } ], "url": "https://issues.chromium.org/issues/394350433" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:05:30Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376133?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" } ], "aliases": [ "CVE-2025-0999" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zr5w-q9zh-nqbm" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.8.2-r3%3Farch=x86_64&distroversion=v3.22&reponame=community" }