Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/4537?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/4537?format=api", "purl": "pkg:deb/debian/icu@2.0-2.1pre20020303-1", "type": "deb", "namespace": "debian", "name": "icu", "version": "2.0-2.1pre20020303-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "67.1-7", "latest_non_vulnerable_version": "67.1-7", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72698?format=api", "vulnerability_id": "VCID-1937-rk84-qydq", "summary": "Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2924.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2924.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2924", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71785", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71824", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2910", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2910" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2917" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2920" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2922" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2925", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2925" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2928" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014886", "reference_id": "1014886", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014886" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726477", "reference_id": "726477", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726477" }, { "reference_url": "https://security.gentoo.org/glsa/201402-14", "reference_id": "GLSA-201402-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-14" }, { "reference_url": "https://usn.ubuntu.com/1989-1/", "reference_id": "USN-1989-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1989-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2013-2924" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1937-rk84-qydq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72717?format=api", "vulnerability_id": "VCID-3hng-5n5z-7faw", "summary": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11054", "scoring_system": "epss", "scoring_elements": "0.93584", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.11054", "scoring_system": "epss", "scoring_elements": "0.93594", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318", "reference_id": "1273318", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1919", "reference_id": "RHSA-2015:1919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1920", "reference_id": "RHSA-2015:1920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1921", "reference_id": "RHSA-2015:1921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1926", "reference_id": "RHSA-2015:1926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1927", "reference_id": "RHSA-2015:1927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1928", "reference_id": "RHSA-2015:1928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2086", "reference_id": "RHSA-2015:2086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2506", "reference_id": "RHSA-2015:2506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2507", "reference_id": "RHSA-2015:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2508", "reference_id": "RHSA-2015:2508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2509", "reference_id": "RHSA-2015:2509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2518", "reference_id": "RHSA-2015:2518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2784-1/", "reference_id": "USN-2784-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2784-1/" }, { "reference_url": "https://usn.ubuntu.com/2827-1/", "reference_id": "USN-2827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2827-1/" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-4844" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3hng-5n5z-7faw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72697?format=api", "vulnerability_id": "VCID-3yjj-bp6d-tkab", "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"font processing errors\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2419.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12809", "scoring_system": "epss", "scoring_elements": "0.94152", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.12809", "scoring_system": "epss", "scoring_elements": "0.9416", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=952656", "reference_id": "952656", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952656" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0751", "reference_id": "RHSA-2013:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0752", "reference_id": "RHSA-2013:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0757", "reference_id": "RHSA-2013:0757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0758", "reference_id": "RHSA-2013:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0770", "reference_id": "RHSA-2013:0770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0822", "reference_id": "RHSA-2013:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0823", "reference_id": "RHSA-2013:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0855", "reference_id": "RHSA-2013:0855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1456", "reference_id": "RHSA-2013:1456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1456" }, { "reference_url": "https://usn.ubuntu.com/1806-1/", "reference_id": "USN-1806-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1806-1/" }, { "reference_url": "https://usn.ubuntu.com/1819-1/", "reference_id": "USN-1819-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1819-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-1/", "reference_id": "USN-2522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-3/", "reference_id": "USN-2522-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2013-2419" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3yjj-bp6d-tkab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72707?format=api", "vulnerability_id": "VCID-562t-my7q-fkhk", "summary": "The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9654.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9654.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01671", "scoring_system": "epss", "scoring_elements": "0.82463", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01671", "scoring_system": "epss", "scoring_elements": "0.82493", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190129", "reference_id": "1190129", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190129" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776719", "reference_id": "776719", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776719" }, { "reference_url": "https://security.gentoo.org/glsa/201503-06", "reference_id": "GLSA-201503-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0093", "reference_id": "RHSA-2015:0093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0093" }, { "reference_url": "https://usn.ubuntu.com/2522-1/", "reference_id": "USN-2522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2014-9654" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-562t-my7q-fkhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72687?format=api", "vulnerability_id": "VCID-5er9-z3hf-z7he", "summary": "libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \\0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4770.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4770.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4770", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0367", "scoring_system": "epss", "scoring_elements": "0.88107", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0367", "scoring_system": "epss", "scoring_elements": "0.88128", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023", "reference_id": "429023", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429023" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463688", "reference_id": "463688", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463688" }, { "reference_url": "https://security.gentoo.org/glsa/200803-20", "reference_id": "GLSA-200803-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200803-20" }, { "reference_url": "https://security.gentoo.org/glsa/200805-16", "reference_id": "GLSA-200805-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200805-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0090", "reference_id": "RHSA-2008:0090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0090" }, { "reference_url": "https://usn.ubuntu.com/591-1/", "reference_id": "USN-591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4541?format=api", "purl": "pkg:deb/debian/icu@3.8.1-3%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8mt7-9hjj-fbfg" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-bvhc-8fge-9uez" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-exg8-f6tj-k7fp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-trma-c9p3-uub9" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@3.8.1-3%252Blenny3" } ], "aliases": [ "CVE-2007-4770" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5er9-z3hf-z7he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72718?format=api", "vulnerability_id": "VCID-6grx-g6uw-yybd", "summary": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05634", "scoring_system": "epss", "scoring_elements": "0.90506", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05634", "scoring_system": "epss", "scoring_elements": "0.90521", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906", "reference_id": "1298906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201610-08", "reference_id": "GLSA-201610-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0049", "reference_id": "RHSA-2016:0049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0050", "reference_id": "RHSA-2016:0050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0053", "reference_id": "RHSA-2016:0053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0054", "reference_id": "RHSA-2016:0054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0055", "reference_id": "RHSA-2016:0055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0056", "reference_id": "RHSA-2016:0056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0057", "reference_id": "RHSA-2016:0057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0067", "reference_id": "RHSA-2016:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0098", "reference_id": "RHSA-2016:0098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0099", "reference_id": "RHSA-2016:0099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0100", "reference_id": "RHSA-2016:0100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0101", "reference_id": "RHSA-2016:0101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2884-1/", "reference_id": "USN-2884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2884-1/" }, { "reference_url": "https://usn.ubuntu.com/2885-1/", "reference_id": "USN-2885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2885-1/" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-0494" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6grx-g6uw-yybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72724?format=api", "vulnerability_id": "VCID-6q8q-9q3y-abhc", "summary": "International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77775", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77802", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098", "reference_id": "1444098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" }, { "reference_url": "https://usn.ubuntu.com/3274-1/", "reference_id": "USN-3274-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-1/" }, { "reference_url": "https://usn.ubuntu.com/3274-2/", "reference_id": "USN-3274-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2017-7868" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6q8q-9q3y-abhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72727?format=api", "vulnerability_id": "VCID-7fz2-29gm-eufm", "summary": "An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10531.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.74237", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.7427", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807349", "reference_id": "1807349", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807349" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953747", "reference_id": "953747", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953747" }, { "reference_url": "https://security.gentoo.org/glsa/202003-15", "reference_id": "GLSA-202003-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0738", "reference_id": "RHSA-2020:0738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0896", "reference_id": "RHSA-2020:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0897", "reference_id": "RHSA-2020:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0901", "reference_id": "RHSA-2020:0901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0902", "reference_id": "RHSA-2020:0902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1293", "reference_id": "RHSA-2020:1293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1317", "reference_id": "RHSA-2020:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1343", "reference_id": "RHSA-2020:1343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2895", "reference_id": "RHSA-2020:2895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3084", "reference_id": "RHSA-2020:3084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3084" }, { "reference_url": "https://usn.ubuntu.com/4305-1/", "reference_id": "USN-4305-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4305-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/518828?format=api", "purl": "pkg:deb/debian/icu@67.1-7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@67.1-7" } ], "aliases": [ "CVE-2020-10531" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7fz2-29gm-eufm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72691?format=api", "vulnerability_id": "VCID-8mt7-9hjj-fbfg", "summary": "International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0153.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0153.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11643", "scoring_system": "epss", "scoring_elements": "0.93792", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.11643", "scoring_system": "epss", "scoring_elements": "0.93801", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0153" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0153", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0153" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=503071", "reference_id": "503071", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503071" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534590", "reference_id": "534590", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534590" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1122", "reference_id": "RHSA-2009:1122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1122" }, { "reference_url": "https://usn.ubuntu.com/846-1/", "reference_id": "USN-846-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/846-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4542?format=api", "purl": "pkg:deb/debian/icu@4.4.1-8%2Bsqueeze2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-bvhc-8fge-9uez" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-exg8-f6tj-k7fp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.4.1-8%252Bsqueeze2" } ], "aliases": [ "CVE-2009-0153" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8mt7-9hjj-fbfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72712?format=api", "vulnerability_id": "VCID-8ucv-hrcz-uqau", "summary": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01738", "scoring_system": "epss", "scoring_elements": "0.8283", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01738", "scoring_system": "epss", "scoring_elements": "0.82856", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394", "reference_id": "1242394", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-2632" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ucv-hrcz-uqau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4356?format=api", "vulnerability_id": "VCID-9ubw-4yby-v3bp", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14952.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14952.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86698", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.8672", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510930", "reference_id": "1510930", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878840", "reference_id": "878840", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878840" }, { "reference_url": "https://security.archlinux.org/ASA-201711-25", "reference_id": "ASA-201711-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-25" }, { "reference_url": "https://security.archlinux.org/ASA-201711-26", "reference_id": "ASA-201711-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-26" }, { "reference_url": "https://security.archlinux.org/AVG-504", "reference_id": "AVG-504", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-504" }, { "reference_url": "https://security.archlinux.org/AVG-507", "reference_id": "AVG-507", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-507" }, { "reference_url": "https://usn.ubuntu.com/3458-1/", "reference_id": "USN-3458-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3458-1/" }, { "reference_url": "https://usn.ubuntu.com/3458-2/", "reference_id": "USN-3458-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3458-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2017-14952" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ubw-4yby-v3bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72719?format=api", "vulnerability_id": "VCID-aykx-vyhu-7yfr", "summary": "The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6293.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6293.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01066", "scoring_system": "epss", "scoring_elements": "0.78032", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01066", "scoring_system": "epss", "scoring_elements": "0.7806", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360339", "reference_id": "1360339", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360339" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-6293" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aykx-vyhu-7yfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72700?format=api", "vulnerability_id": "VCID-bkbn-dxg2-dqfk", "summary": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6585.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6585.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01314", "scoring_system": "epss", "scoring_elements": "0.80176", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01314", "scoring_system": "epss", "scoring_elements": "0.80201", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183645", "reference_id": "1183645", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183645" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776264", "reference_id": "776264", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776264" }, { "reference_url": "https://security.gentoo.org/glsa/201507-14", "reference_id": "GLSA-201507-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-14" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0067", "reference_id": "RHSA-2015:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0068", "reference_id": "RHSA-2015:0068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0069", "reference_id": "RHSA-2015:0069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0079", "reference_id": "RHSA-2015:0079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0080", "reference_id": "RHSA-2015:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0085", "reference_id": "RHSA-2015:0085", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0085" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0086", "reference_id": "RHSA-2015:0086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0133", "reference_id": "RHSA-2015:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0134", "reference_id": "RHSA-2015:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0135", "reference_id": "RHSA-2015:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0136", "reference_id": "RHSA-2015:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0263", "reference_id": "RHSA-2015:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0264", "reference_id": "RHSA-2015:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0264" }, { "reference_url": "https://usn.ubuntu.com/2486-1/", "reference_id": "USN-2486-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2486-1/" }, { "reference_url": "https://usn.ubuntu.com/2487-1/", "reference_id": "USN-2487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2487-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-1/", "reference_id": "USN-2522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-3/", "reference_id": "USN-2522-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2014-6585" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bkbn-dxg2-dqfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72693?format=api", "vulnerability_id": "VCID-bvhc-8fge-9uez", "summary": "Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0900.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76529", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76558", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702346", "reference_id": "702346", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702346" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=918167", "reference_id": "918167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918167" }, { "reference_url": "https://security.gentoo.org/glsa/201309-16", "reference_id": "GLSA-201309-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-16" }, { "reference_url": "https://security.gentoo.org/glsa/201402-14", "reference_id": "GLSA-201402-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-14" }, { "reference_url": "https://usn.ubuntu.com/1989-1/", "reference_id": "USN-1989-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1989-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2013-0900" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvhc-8fge-9uez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72703?format=api", "vulnerability_id": "VCID-excs-dj44-yfby", "summary": "The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7926.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02564", "scoring_system": "epss", "scoring_elements": "0.85799", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02564", "scoring_system": "epss", "scoring_elements": "0.85821", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185205", "reference_id": "1185205", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185205" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265", "reference_id": "776265", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265" }, { "reference_url": "https://security.gentoo.org/glsa/201502-13", "reference_id": "GLSA-201502-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-13" }, { "reference_url": "https://security.gentoo.org/glsa/201503-06", "reference_id": "GLSA-201503-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0093", "reference_id": "RHSA-2015:0093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0093" }, { "reference_url": "https://usn.ubuntu.com/2476-1/", "reference_id": "USN-2476-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2476-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-1/", "reference_id": "USN-2522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2014-7926" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-excs-dj44-yfby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72692?format=api", "vulnerability_id": "VCID-exg8-f6tj-k7fp", "summary": "Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted locale ID that is not properly handled during variant canonicalization.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4599.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4599.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24107", "scoring_system": "epss", "scoring_elements": "0.96166", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.24107", "scoring_system": "epss", "scoring_elements": "0.96171", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654883", "reference_id": "654883", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654883" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=765812", "reference_id": "765812", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=765812" }, { "reference_url": "https://security.gentoo.org/glsa/201209-07", "reference_id": "GLSA-201209-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1815", "reference_id": "RHSA-2011:1815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1815" }, { "reference_url": "https://usn.ubuntu.com/1348-1/", "reference_id": "USN-1348-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1348-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2011-4599" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-exg8-f6tj-k7fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72715?format=api", "vulnerability_id": "VCID-f3kd-641n-17ch", "summary": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09686", "scoring_system": "epss", "scoring_elements": "0.93063", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09686", "scoring_system": "epss", "scoring_elements": "0.93074", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447", "reference_id": "1242447", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-4760" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f3kd-641n-17ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72704?format=api", "vulnerability_id": "VCID-fbng-2ww3-6bdu", "summary": "The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7940.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7940.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02423", "scoring_system": "epss", "scoring_elements": "0.85412", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02423", "scoring_system": "epss", "scoring_elements": "0.85435", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185220", "reference_id": "1185220", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185220" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265", "reference_id": "776265", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265" }, { "reference_url": "https://security.gentoo.org/glsa/201502-13", "reference_id": "GLSA-201502-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-13" }, { "reference_url": "https://security.gentoo.org/glsa/201503-06", "reference_id": "GLSA-201503-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0093", "reference_id": "RHSA-2015:0093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0093" }, { "reference_url": "https://usn.ubuntu.com/2476-1/", "reference_id": "USN-2476-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2476-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-1/", "reference_id": "USN-2522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2014-7940" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fbng-2ww3-6bdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72708?format=api", "vulnerability_id": "VCID-fmhx-7a3k-ffdx", "summary": "Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.83153", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.83178", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383569", "reference_id": "1383569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383569" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-9911" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fmhx-7a3k-ffdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4331?format=api", "vulnerability_id": "VCID-hkbb-bc99-yqdd", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85888", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85909", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", "reference_id": "1523136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766", "reference_id": "892766", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766" }, { "reference_url": "https://security.archlinux.org/ASA-201712-5", "reference_id": "ASA-201712-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-5" }, { "reference_url": "https://security.archlinux.org/AVG-544", "reference_id": "AVG-544", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3401", "reference_id": "RHSA-2017:3401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3401" }, { "reference_url": "https://usn.ubuntu.com/3610-1/", "reference_id": "USN-3610-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3610-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2017-15422" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkbb-bc99-yqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72710?format=api", "vulnerability_id": "VCID-k1bn-aprc-m3ht", "summary": "The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1270.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1270.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.79153", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.79179", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245574", "reference_id": "1245574", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245574" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798647", "reference_id": "798647", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798647" }, { "reference_url": "https://security.gentoo.org/glsa/201603-09", "reference_id": "GLSA-201603-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1499", "reference_id": "RHSA-2015:1499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1499" }, { "reference_url": "https://usn.ubuntu.com/2677-1/", "reference_id": "USN-2677-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2677-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-1270" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1bn-aprc-m3ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72695?format=api", "vulnerability_id": "VCID-kauc-686u-jqeh", "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"handling of [a] glyph table\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2383.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2383.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0562", "scoring_system": "epss", "scoring_elements": "0.90497", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0562", "scoring_system": "epss", "scoring_elements": "0.90511", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=952708", "reference_id": "952708", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952708" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0751", "reference_id": "RHSA-2013:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0752", "reference_id": "RHSA-2013:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0757", "reference_id": "RHSA-2013:0757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0758", "reference_id": "RHSA-2013:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0770", "reference_id": "RHSA-2013:0770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0822", "reference_id": "RHSA-2013:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0823", "reference_id": "RHSA-2013:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0855", "reference_id": "RHSA-2013:0855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1456", "reference_id": "RHSA-2013:1456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1456" }, { "reference_url": "https://usn.ubuntu.com/1806-1/", "reference_id": "USN-1806-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1806-1/" }, { "reference_url": "https://usn.ubuntu.com/1819-1/", "reference_id": "USN-1819-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1819-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-1/", "reference_id": "USN-2522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-3/", "reference_id": "USN-2522-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2013-2383" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kauc-686u-jqeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72688?format=api", "vulnerability_id": "VCID-pmfb-6z51-bfh9", "summary": "Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4771.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4771.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02332", "scoring_system": "epss", "scoring_elements": "0.85134", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02332", "scoring_system": "epss", "scoring_elements": "0.85159", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=429025", "reference_id": "429025", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429025" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463688", "reference_id": "463688", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463688" }, { "reference_url": "https://security.gentoo.org/glsa/200803-20", "reference_id": "GLSA-200803-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200803-20" }, { "reference_url": "https://security.gentoo.org/glsa/200805-16", "reference_id": "GLSA-200805-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200805-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0090", "reference_id": "RHSA-2008:0090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0090" }, { "reference_url": "https://usn.ubuntu.com/591-1/", "reference_id": "USN-591-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/591-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4541?format=api", "purl": "pkg:deb/debian/icu@3.8.1-3%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8mt7-9hjj-fbfg" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-bvhc-8fge-9uez" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-exg8-f6tj-k7fp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-trma-c9p3-uub9" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@3.8.1-3%252Blenny3" } ], "aliases": [ "CVE-2007-4771" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmfb-6z51-bfh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72706?format=api", "vulnerability_id": "VCID-qwzq-dmn1-j7fy", "summary": "The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97501", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97507", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200", "reference_id": "1176200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" }, { "reference_url": "https://usn.ubuntu.com/2605-1/", "reference_id": "USN-2605-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2605-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-8147" ], "risk_score": 0.8, "exploitability": "2.0", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwzq-dmn1-j7fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72696?format=api", "vulnerability_id": "VCID-rz8q-v7bh-9fe1", "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"font layout\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2384.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2384.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0562", "scoring_system": "epss", "scoring_elements": "0.90497", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0562", "scoring_system": "epss", "scoring_elements": "0.90511", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=952709", "reference_id": "952709", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952709" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0751", "reference_id": "RHSA-2013:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0752", "reference_id": "RHSA-2013:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0757", "reference_id": "RHSA-2013:0757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0758", "reference_id": "RHSA-2013:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0770", "reference_id": "RHSA-2013:0770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0822", "reference_id": "RHSA-2013:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0823", "reference_id": "RHSA-2013:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0855", "reference_id": "RHSA-2013:0855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1456", "reference_id": "RHSA-2013:1456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1456" }, { "reference_url": "https://usn.ubuntu.com/1806-1/", "reference_id": "USN-1806-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1806-1/" }, { "reference_url": "https://usn.ubuntu.com/1819-1/", "reference_id": "USN-1819-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1819-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-1/", "reference_id": "USN-2522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-3/", "reference_id": "USN-2522-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2013-2384" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rz8q-v7bh-9fe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72694?format=api", "vulnerability_id": "VCID-scv7-4fwv-vyek", "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"checking of [a] glyph table\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1569.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1569.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0147", "scoring_system": "epss", "scoring_elements": "0.81262", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0147", "scoring_system": "epss", "scoring_elements": "0.81291", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=952711", "reference_id": "952711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952711" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0751", "reference_id": "RHSA-2013:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0752", "reference_id": "RHSA-2013:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0757", "reference_id": "RHSA-2013:0757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0758", "reference_id": "RHSA-2013:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0770", "reference_id": "RHSA-2013:0770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0822", "reference_id": "RHSA-2013:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0823", "reference_id": "RHSA-2013:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0855", "reference_id": "RHSA-2013:0855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1456", "reference_id": "RHSA-2013:1456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1456" }, { "reference_url": "https://usn.ubuntu.com/1806-1/", "reference_id": "USN-1806-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1806-1/" }, { "reference_url": "https://usn.ubuntu.com/1819-1/", "reference_id": "USN-1819-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1819-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-1/", "reference_id": "USN-2522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-3/", "reference_id": "USN-2522-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2013-1569" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-scv7-4fwv-vyek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72690?format=api", "vulnerability_id": "VCID-trma-c9p3-uub9", "summary": "The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1036.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1036.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02644", "scoring_system": "epss", "scoring_elements": "0.8601", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02644", "scoring_system": "epss", "scoring_elements": "0.86031", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1036" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=464168", "reference_id": "464168", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=464168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0296", "reference_id": "RHSA-2009:0296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0296" }, { "reference_url": "https://usn.ubuntu.com/747-1/", "reference_id": "USN-747-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/747-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4542?format=api", "purl": "pkg:deb/debian/icu@4.4.1-8%2Bsqueeze2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-bvhc-8fge-9uez" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-exg8-f6tj-k7fp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.4.1-8%252Bsqueeze2" } ], "aliases": [ "CVE-2008-1036" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-trma-c9p3-uub9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72728?format=api", "vulnerability_id": "VCID-un3w-2ee4-jbcy", "summary": "International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-21913.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-21913.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-21913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27295", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27363", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-21913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21913" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006950", "reference_id": "2006950", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006950" }, { "reference_url": "https://usn.ubuntu.com/5133-1/", "reference_id": "USN-5133-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5133-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/518828?format=api", "purl": "pkg:deb/debian/icu@67.1-7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@67.1-7" } ], "aliases": [ "CVE-2020-21913" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-un3w-2ee4-jbcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72723?format=api", "vulnerability_id": "VCID-wpkr-mbq4-ekg5", "summary": "International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0112", "scoring_system": "epss", "scoring_elements": "0.78576", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0112", "scoring_system": "epss", "scoring_elements": "0.78603", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097", "reference_id": "1444097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" }, { "reference_url": "https://usn.ubuntu.com/3274-1/", "reference_id": "USN-3274-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-1/" }, { "reference_url": "https://usn.ubuntu.com/3274-2/", "reference_id": "USN-3274-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2017-7867" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpkr-mbq4-ekg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72702?format=api", "vulnerability_id": "VCID-wsen-t4x7-wuhc", "summary": "The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7923.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7923.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02564", "scoring_system": "epss", "scoring_elements": "0.85799", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02564", "scoring_system": "epss", "scoring_elements": "0.85821", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185202", "reference_id": "1185202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185202" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265", "reference_id": "776265", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265" }, { "reference_url": "https://security.gentoo.org/glsa/201502-13", "reference_id": "GLSA-201502-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-13" }, { "reference_url": "https://security.gentoo.org/glsa/201503-06", "reference_id": "GLSA-201503-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0093", "reference_id": "RHSA-2015:0093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0093" }, { "reference_url": "https://usn.ubuntu.com/2476-1/", "reference_id": "USN-2476-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2476-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-1/", "reference_id": "USN-2522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2014-7923" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wsen-t4x7-wuhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72726?format=api", "vulnerability_id": "VCID-xdhx-y4jj-xfeu", "summary": "International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.70205", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.70247", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18928" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646702", "reference_id": "1646702", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646702" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2018-18928" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xdhx-y4jj-xfeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72701?format=api", "vulnerability_id": "VCID-yhgb-pmpp-9uc2", "summary": "Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6591.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6591.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01555", "scoring_system": "epss", "scoring_elements": "0.81774", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01555", "scoring_system": "epss", "scoring_elements": "0.81808", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183646", "reference_id": "1183646", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183646" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775884", "reference_id": "775884", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775884" }, { "reference_url": "https://security.gentoo.org/glsa/201507-14", "reference_id": "GLSA-201507-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-14" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0067", "reference_id": "RHSA-2015:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0068", "reference_id": "RHSA-2015:0068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0069", "reference_id": "RHSA-2015:0069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0079", "reference_id": "RHSA-2015:0079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0080", "reference_id": "RHSA-2015:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0085", "reference_id": "RHSA-2015:0085", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0085" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0086", "reference_id": "RHSA-2015:0086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0133", "reference_id": "RHSA-2015:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0134", "reference_id": "RHSA-2015:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0135", "reference_id": "RHSA-2015:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0136", "reference_id": "RHSA-2015:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0263", "reference_id": "RHSA-2015:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0264", "reference_id": "RHSA-2015:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0264" }, { "reference_url": "https://usn.ubuntu.com/2486-1/", "reference_id": "USN-2486-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2486-1/" }, { "reference_url": "https://usn.ubuntu.com/2487-1/", "reference_id": "USN-2487-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2487-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-1/", "reference_id": "USN-2522-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-1/" }, { "reference_url": "https://usn.ubuntu.com/2522-3/", "reference_id": "USN-2522-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2522-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4545?format=api", "purl": "pkg:deb/debian/icu@52.1-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8" } ], "aliases": [ "CVE-2014-6591" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yhgb-pmpp-9uc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72721?format=api", "vulnerability_id": "VCID-yzqr-kpjj-akgj", "summary": "Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7415.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.7928", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.79306", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377361", "reference_id": "1377361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377361" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694", "reference_id": "838694", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-7415" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yzqr-kpjj-akgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72705?format=api", "vulnerability_id": "VCID-zkex-ss5h-5ke5", "summary": "The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96359", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96364", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197", "reference_id": "1176197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" }, { "reference_url": "https://usn.ubuntu.com/2605-1/", "reference_id": "USN-2605-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2605-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-8146" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkex-ss5h-5ke5" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@2.0-2.1pre20020303-1" }