Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/4538?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/4538?format=api", "purl": "pkg:deb/debian/icu@2.1-2.1", "type": "deb", "namespace": "debian", "name": "icu", "version": "2.1-2.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "63.1-6+deb10u3", "latest_non_vulnerable_version": "63.1-6+deb10u3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72698?format=api", "vulnerability_id": "VCID-1937-rk84-qydq", "summary": "Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2924.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2924.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2924", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71785", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2910", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2910" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2917" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2920" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2922" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2925", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2925" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2928" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014886", "reference_id": "1014886", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014886" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726477", "reference_id": "726477", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726477" }, { "reference_url": "https://security.gentoo.org/glsa/201402-14", "reference_id": "GLSA-201402-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-14" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2013-2924" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1937-rk84-qydq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72697?format=api", "vulnerability_id": "VCID-3yjj-bp6d-tkab", "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"font processing errors\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2419.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12809", "scoring_system": "epss", "scoring_elements": "0.94152", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=952656", "reference_id": "952656", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952656" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0751", "reference_id": "RHSA-2013:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0752", "reference_id": "RHSA-2013:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0757", "reference_id": "RHSA-2013:0757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0758", "reference_id": "RHSA-2013:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0770", "reference_id": "RHSA-2013:0770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0822", "reference_id": "RHSA-2013:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0823", "reference_id": "RHSA-2013:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0855", "reference_id": "RHSA-2013:0855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1456", "reference_id": "RHSA-2013:1456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1456" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2013-2419" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3yjj-bp6d-tkab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72707?format=api", "vulnerability_id": "VCID-562t-my7q-fkhk", "summary": "The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9654.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9654.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01671", "scoring_system": "epss", "scoring_elements": "0.82463", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190129", "reference_id": "1190129", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190129" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776719", "reference_id": "776719", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776719" }, { "reference_url": "https://security.gentoo.org/glsa/201503-06", "reference_id": "GLSA-201503-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0093", "reference_id": "RHSA-2015:0093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0093" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2014-9654" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-562t-my7q-fkhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72718?format=api", "vulnerability_id": "VCID-6grx-g6uw-yybd", "summary": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05634", "scoring_system": "epss", "scoring_elements": "0.90506", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906", "reference_id": "1298906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201610-08", "reference_id": "GLSA-201610-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0049", "reference_id": "RHSA-2016:0049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0050", "reference_id": "RHSA-2016:0050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0053", "reference_id": "RHSA-2016:0053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0054", "reference_id": "RHSA-2016:0054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0055", "reference_id": "RHSA-2016:0055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0056", "reference_id": "RHSA-2016:0056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0057", "reference_id": "RHSA-2016:0057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0067", "reference_id": "RHSA-2016:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0098", "reference_id": "RHSA-2016:0098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0099", "reference_id": "RHSA-2016:0099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0100", "reference_id": "RHSA-2016:0100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0101", "reference_id": "RHSA-2016:0101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" } ], "aliases": [ "CVE-2016-0494" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6grx-g6uw-yybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72724?format=api", "vulnerability_id": "VCID-6q8q-9q3y-abhc", "summary": "International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77775", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098", "reference_id": "1444098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" } ], "aliases": [ "CVE-2017-7868" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6q8q-9q3y-abhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72712?format=api", "vulnerability_id": "VCID-8ucv-hrcz-uqau", "summary": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01738", "scoring_system": "epss", "scoring_elements": "0.8283", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394", "reference_id": "1242394", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" } ], "aliases": [ "CVE-2015-2632" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ucv-hrcz-uqau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4356?format=api", "vulnerability_id": "VCID-9ubw-4yby-v3bp", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14952.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14952.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86698", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510930", "reference_id": "1510930", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878840", "reference_id": "878840", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878840" }, { "reference_url": "https://security.archlinux.org/ASA-201711-25", "reference_id": "ASA-201711-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-25" }, { "reference_url": "https://security.archlinux.org/ASA-201711-26", "reference_id": "ASA-201711-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-26" }, { "reference_url": "https://security.archlinux.org/AVG-504", "reference_id": "AVG-504", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-504" }, { "reference_url": "https://security.archlinux.org/AVG-507", "reference_id": "AVG-507", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-507" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2017-14952" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ubw-4yby-v3bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72700?format=api", "vulnerability_id": "VCID-bkbn-dxg2-dqfk", "summary": "Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6585.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6585.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01314", "scoring_system": "epss", "scoring_elements": "0.80176", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183645", "reference_id": "1183645", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183645" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776264", "reference_id": "776264", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776264" }, { "reference_url": "https://security.gentoo.org/glsa/201507-14", "reference_id": "GLSA-201507-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-14" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0067", "reference_id": "RHSA-2015:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0068", "reference_id": "RHSA-2015:0068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0069", "reference_id": "RHSA-2015:0069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0079", "reference_id": "RHSA-2015:0079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0080", "reference_id": "RHSA-2015:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0085", "reference_id": "RHSA-2015:0085", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0085" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0086", "reference_id": "RHSA-2015:0086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0133", "reference_id": "RHSA-2015:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0134", "reference_id": "RHSA-2015:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0135", "reference_id": "RHSA-2015:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0136", "reference_id": "RHSA-2015:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0263", "reference_id": "RHSA-2015:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0264", "reference_id": "RHSA-2015:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0264" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2014-6585" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bkbn-dxg2-dqfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72693?format=api", "vulnerability_id": "VCID-bvhc-8fge-9uez", "summary": "Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0900.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76529", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702346", "reference_id": "702346", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702346" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=918167", "reference_id": "918167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918167" }, { "reference_url": "https://security.gentoo.org/glsa/201309-16", "reference_id": "GLSA-201309-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-16" }, { "reference_url": "https://security.gentoo.org/glsa/201402-14", "reference_id": "GLSA-201402-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-14" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2013-0900" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvhc-8fge-9uez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72703?format=api", "vulnerability_id": "VCID-excs-dj44-yfby", "summary": "The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7926.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02564", "scoring_system": "epss", "scoring_elements": "0.85799", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185205", "reference_id": "1185205", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185205" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265", "reference_id": "776265", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265" }, { "reference_url": "https://security.gentoo.org/glsa/201502-13", "reference_id": "GLSA-201502-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-13" }, { "reference_url": "https://security.gentoo.org/glsa/201503-06", "reference_id": "GLSA-201503-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0093", "reference_id": "RHSA-2015:0093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0093" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2014-7926" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-excs-dj44-yfby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72715?format=api", "vulnerability_id": "VCID-f3kd-641n-17ch", "summary": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09686", "scoring_system": "epss", "scoring_elements": "0.93063", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447", "reference_id": "1242447", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" } ], "aliases": [ "CVE-2015-4760" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f3kd-641n-17ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72704?format=api", "vulnerability_id": "VCID-fbng-2ww3-6bdu", "summary": "The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7940.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7940.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02423", "scoring_system": "epss", "scoring_elements": "0.85412", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185220", "reference_id": "1185220", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185220" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265", "reference_id": "776265", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265" }, { "reference_url": "https://security.gentoo.org/glsa/201502-13", "reference_id": "GLSA-201502-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-13" }, { "reference_url": "https://security.gentoo.org/glsa/201503-06", "reference_id": "GLSA-201503-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0093", "reference_id": "RHSA-2015:0093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0093" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2014-7940" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fbng-2ww3-6bdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4331?format=api", "vulnerability_id": "VCID-hkbb-bc99-yqdd", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85888", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", "reference_id": "1523136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766", "reference_id": "892766", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766" }, { "reference_url": "https://security.archlinux.org/ASA-201712-5", "reference_id": "ASA-201712-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-5" }, { "reference_url": "https://security.archlinux.org/AVG-544", "reference_id": "AVG-544", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3401", "reference_id": "RHSA-2017:3401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3401" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2017-15422" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkbb-bc99-yqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72695?format=api", "vulnerability_id": "VCID-kauc-686u-jqeh", "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"handling of [a] glyph table\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2383.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2383.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0562", "scoring_system": "epss", "scoring_elements": "0.90497", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=952708", "reference_id": "952708", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952708" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0751", "reference_id": "RHSA-2013:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0752", "reference_id": "RHSA-2013:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0757", "reference_id": "RHSA-2013:0757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0758", "reference_id": "RHSA-2013:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0770", "reference_id": "RHSA-2013:0770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0822", "reference_id": "RHSA-2013:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0823", "reference_id": "RHSA-2013:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0855", "reference_id": "RHSA-2013:0855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1456", "reference_id": "RHSA-2013:1456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1456" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2013-2383" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kauc-686u-jqeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72706?format=api", "vulnerability_id": "VCID-qwzq-dmn1-j7fy", "summary": "The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97501", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200", "reference_id": "1176200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2014-8147" ], "risk_score": 0.8, "exploitability": "2.0", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwzq-dmn1-j7fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72696?format=api", "vulnerability_id": "VCID-rz8q-v7bh-9fe1", "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"font layout\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2384.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2384.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0562", "scoring_system": "epss", "scoring_elements": "0.90497", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=952709", "reference_id": "952709", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952709" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0751", "reference_id": "RHSA-2013:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0752", "reference_id": "RHSA-2013:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0757", "reference_id": "RHSA-2013:0757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0758", "reference_id": "RHSA-2013:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0770", "reference_id": "RHSA-2013:0770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0822", "reference_id": "RHSA-2013:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0823", "reference_id": "RHSA-2013:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0855", "reference_id": "RHSA-2013:0855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1456", "reference_id": "RHSA-2013:1456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1456" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2013-2384" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rz8q-v7bh-9fe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72694?format=api", "vulnerability_id": "VCID-scv7-4fwv-vyek", "summary": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"checking of [a] glyph table\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1569.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1569.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0147", "scoring_system": "epss", "scoring_elements": "0.81262", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=952711", "reference_id": "952711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952711" }, { "reference_url": "https://security.gentoo.org/glsa/201401-30", "reference_id": "GLSA-201401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-30" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0751", "reference_id": "RHSA-2013:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0752", "reference_id": "RHSA-2013:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0757", "reference_id": "RHSA-2013:0757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0758", "reference_id": "RHSA-2013:0758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0770", "reference_id": "RHSA-2013:0770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0822", "reference_id": "RHSA-2013:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0823", "reference_id": "RHSA-2013:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0855", "reference_id": "RHSA-2013:0855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1456", "reference_id": "RHSA-2013:1456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1456" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2013-1569" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-scv7-4fwv-vyek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72723?format=api", "vulnerability_id": "VCID-wpkr-mbq4-ekg5", "summary": "International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0112", "scoring_system": "epss", "scoring_elements": "0.78576", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097", "reference_id": "1444097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" } ], "aliases": [ "CVE-2017-7867" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpkr-mbq4-ekg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72702?format=api", "vulnerability_id": "VCID-wsen-t4x7-wuhc", "summary": "The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7923.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7923.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02564", "scoring_system": "epss", "scoring_elements": "0.85799", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185202", "reference_id": "1185202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185202" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265", "reference_id": "776265", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776265" }, { "reference_url": "https://security.gentoo.org/glsa/201502-13", "reference_id": "GLSA-201502-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-13" }, { "reference_url": "https://security.gentoo.org/glsa/201503-06", "reference_id": "GLSA-201503-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0093", "reference_id": "RHSA-2015:0093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0093" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2014-7923" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wsen-t4x7-wuhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72701?format=api", "vulnerability_id": "VCID-yhgb-pmpp-9uc2", "summary": "Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6591.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6591.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01555", "scoring_system": "epss", "scoring_elements": "0.81774", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183646", "reference_id": "1183646", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183646" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775884", "reference_id": "775884", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775884" }, { "reference_url": "https://security.gentoo.org/glsa/201507-14", "reference_id": "GLSA-201507-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-14" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0067", "reference_id": "RHSA-2015:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0068", "reference_id": "RHSA-2015:0068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0069", "reference_id": "RHSA-2015:0069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0079", "reference_id": "RHSA-2015:0079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0080", "reference_id": "RHSA-2015:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0085", "reference_id": "RHSA-2015:0085", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0085" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0086", "reference_id": "RHSA-2015:0086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0133", "reference_id": "RHSA-2015:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0134", "reference_id": "RHSA-2015:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0135", "reference_id": "RHSA-2015:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0136", "reference_id": "RHSA-2015:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0263", "reference_id": "RHSA-2015:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0264", "reference_id": "RHSA-2015:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0264" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2014-6591" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yhgb-pmpp-9uc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72705?format=api", "vulnerability_id": "VCID-zkex-ss5h-5ke5", "summary": "The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96359", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197", "reference_id": "1176197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" } ], "aliases": [ "CVE-2014-8146" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkex-ss5h-5ke5" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@2.1-2.1" }