Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/399973?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/399973?format=api", "purl": "pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12?arch=riscv64&distroversion=v3.20&reponame=community", "type": "apk", "namespace": "alpine", "name": "qt5-qtwebengine", "version": "5.15.16-r12", "qualifiers": { "arch": "riscv64", "distroversion": "v3.20", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "5.15.16-r13", "latest_non_vulnerable_version": "5.15.16-r15", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47475?format=api", "vulnerability_id": "VCID-5us9-z9j9-h3gy", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5158", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39327", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39311", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39335", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39304", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.3932", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39332", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39293", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5158" }, { "reference_url": "https://issues.chromium.org/issues/338908243", "reference_id": "338908243", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:26Z/" } ], "url": "https://issues.chromium.org/issues/338908243" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/", "reference_id": "5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/", "reference_id": "FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:26Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/399973?format=api", "purl": "pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12?arch=riscv64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12%3Farch=riscv64&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2024-5158" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5us9-z9j9-h3gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47563?format=api", "vulnerability_id": "VCID-d26t-ex9d-x3ev", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45491.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45491.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00596", "scoring_system": "epss", "scoring_elements": "0.69389", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00596", "scoring_system": "epss", "scoring_elements": "0.69341", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00596", "scoring_system": "epss", "scoring_elements": "0.69358", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00596", "scoring_system": "epss", "scoring_elements": "0.6938", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00596", "scoring_system": "epss", "scoring_elements": "0.69364", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00596", "scoring_system": "epss", "scoring_elements": "0.69351", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00596", "scoring_system": "epss", "scoring_elements": "0.69293", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00596", "scoring_system": "epss", "scoring_elements": "0.69311", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00596", "scoring_system": "epss", "scoring_elements": "0.69291", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080150", "reference_id": "1080150", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080150" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308616", "reference_id": "2308616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308616" }, { "reference_url": "https://github.com/libexpat/libexpat/issues/888", "reference_id": "888", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T13:53:48Z/" } ], "url": "https://github.com/libexpat/libexpat/issues/888" }, { "reference_url": "https://github.com/libexpat/libexpat/pull/891", "reference_id": "891", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T13:53:48Z/" } ], "url": "https://github.com/libexpat/libexpat/pull/891" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6754", "reference_id": "RHSA-2024:6754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6989", "reference_id": "RHSA-2024:6989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7599", "reference_id": "RHSA-2024:7599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8859", "reference_id": "RHSA-2024:8859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8859" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9610", "reference_id": "RHSA-2024:9610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9610" }, { "reference_url": "https://usn.ubuntu.com/7000-1/", "reference_id": "USN-7000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7000-1/" }, { "reference_url": "https://usn.ubuntu.com/7000-2/", "reference_id": "USN-7000-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7000-2/" }, { "reference_url": "https://usn.ubuntu.com/7001-1/", "reference_id": "USN-7001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7001-1/" }, { "reference_url": "https://usn.ubuntu.com/7001-2/", "reference_id": "USN-7001-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7001-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/399973?format=api", "purl": "pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12?arch=riscv64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12%3Farch=riscv64&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2024-45491" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d26t-ex9d-x3ev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47554?format=api", "vulnerability_id": "VCID-e8cj-guq1-2uar", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9123", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39838", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.3984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39805", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39788", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39818", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39842", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39762", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39817", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9123" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9123" }, { "reference_url": "https://issues.chromium.org/issues/365884464", "reference_id": "365884464", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T03:55:49Z/" } ], "url": "https://issues.chromium.org/issues/365884464" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T03:55:49Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/399973?format=api", "purl": "pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12?arch=riscv64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12%3Farch=riscv64&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2024-9123" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8cj-guq1-2uar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47562?format=api", "vulnerability_id": "VCID-gtcn-kyd2-xqdk", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45490.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45490.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45490", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67049", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.6703", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67042", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67062", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67048", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67016", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.66982", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67006", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.6698", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45490" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080149", "reference_id": "1080149", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080149" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308615", "reference_id": "2308615", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308615" }, { "reference_url": "https://github.com/libexpat/libexpat/issues/887", "reference_id": "887", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-30T18:17:03Z/" } ], "url": "https://github.com/libexpat/libexpat/issues/887" }, { "reference_url": "https://github.com/libexpat/libexpat/pull/890", "reference_id": "890", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-30T18:17:03Z/" } ], "url": "https://github.com/libexpat/libexpat/pull/890" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6754", "reference_id": "RHSA-2024:6754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6989", "reference_id": "RHSA-2024:6989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7599", "reference_id": "RHSA-2024:7599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9610", "reference_id": "RHSA-2024:9610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3453", "reference_id": "RHSA-2025:3453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3453" }, { "reference_url": "https://usn.ubuntu.com/7000-1/", "reference_id": "USN-7000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7000-1/" }, { "reference_url": "https://usn.ubuntu.com/7000-2/", "reference_id": "USN-7000-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7000-2/" }, { "reference_url": "https://usn.ubuntu.com/7001-1/", "reference_id": "USN-7001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7001-1/" }, { "reference_url": "https://usn.ubuntu.com/7001-2/", "reference_id": "USN-7001-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7001-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/399973?format=api", "purl": "pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12?arch=riscv64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12%3Farch=riscv64&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2024-45490" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gtcn-kyd2-xqdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47564?format=api", "vulnerability_id": "VCID-nw3z-nwyg-87e5", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.78902", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.7887", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.78876", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.789", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.78883", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.78874", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.78833", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.78862", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.78845", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080152", "reference_id": "1080152", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080152" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308617", "reference_id": "2308617", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308617" }, { "reference_url": "https://github.com/libexpat/libexpat/issues/889", "reference_id": "889", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T13:53:05Z/" } ], "url": "https://github.com/libexpat/libexpat/issues/889" }, { "reference_url": "https://github.com/libexpat/libexpat/pull/892", "reference_id": "892", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T13:53:05Z/" } ], "url": "https://github.com/libexpat/libexpat/pull/892" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6754", "reference_id": "RHSA-2024:6754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6989", "reference_id": "RHSA-2024:6989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7599", "reference_id": "RHSA-2024:7599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9610", "reference_id": "RHSA-2024:9610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9610" }, { "reference_url": "https://usn.ubuntu.com/7000-1/", "reference_id": "USN-7000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7000-1/" }, { "reference_url": "https://usn.ubuntu.com/7000-2/", "reference_id": "USN-7000-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7000-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/399973?format=api", "purl": "pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12?arch=riscv64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12%3Farch=riscv64&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2024-45492" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nw3z-nwyg-87e5" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt5-qtwebengine@5.15.16-r12%3Farch=riscv64&distroversion=v3.20&reponame=community" }