Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/4546?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "type": "deb", "namespace": "debian", "name": "icu", "version": "52.1-8+deb8u7", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "72.1-3+deb12u1", "latest_non_vulnerable_version": "72.1-3+deb12u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72717?format=api", "vulnerability_id": "VCID-3hng-5n5z-7faw", "summary": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11054", "scoring_system": "epss", "scoring_elements": "0.93584", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.11054", "scoring_system": "epss", "scoring_elements": "0.93594", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318", "reference_id": "1273318", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1919", "reference_id": "RHSA-2015:1919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1920", "reference_id": "RHSA-2015:1920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1921", "reference_id": "RHSA-2015:1921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1926", "reference_id": "RHSA-2015:1926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1927", "reference_id": "RHSA-2015:1927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1928", "reference_id": "RHSA-2015:1928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2086", "reference_id": "RHSA-2015:2086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2506", "reference_id": "RHSA-2015:2506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2507", "reference_id": "RHSA-2015:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2508", "reference_id": "RHSA-2015:2508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2509", "reference_id": "RHSA-2015:2509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2518", "reference_id": "RHSA-2015:2518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2784-1/", "reference_id": "USN-2784-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2784-1/" }, { "reference_url": "https://usn.ubuntu.com/2827-1/", "reference_id": "USN-2827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2827-1/" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-4844" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3hng-5n5z-7faw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72718?format=api", "vulnerability_id": "VCID-6grx-g6uw-yybd", "summary": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05634", "scoring_system": "epss", "scoring_elements": "0.90506", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05634", "scoring_system": "epss", "scoring_elements": "0.90521", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906", "reference_id": "1298906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201610-08", "reference_id": "GLSA-201610-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0049", "reference_id": "RHSA-2016:0049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0050", "reference_id": "RHSA-2016:0050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0053", "reference_id": "RHSA-2016:0053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0054", "reference_id": "RHSA-2016:0054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0055", "reference_id": "RHSA-2016:0055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0056", "reference_id": "RHSA-2016:0056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0057", "reference_id": "RHSA-2016:0057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0067", "reference_id": "RHSA-2016:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0098", "reference_id": "RHSA-2016:0098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0099", "reference_id": "RHSA-2016:0099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0100", "reference_id": "RHSA-2016:0100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0101", "reference_id": "RHSA-2016:0101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2884-1/", "reference_id": "USN-2884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2884-1/" }, { "reference_url": "https://usn.ubuntu.com/2885-1/", "reference_id": "USN-2885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2885-1/" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-0494" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6grx-g6uw-yybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72724?format=api", "vulnerability_id": "VCID-6q8q-9q3y-abhc", "summary": "International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77775", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77802", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098", "reference_id": "1444098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" }, { "reference_url": "https://usn.ubuntu.com/3274-1/", "reference_id": "USN-3274-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-1/" }, { "reference_url": "https://usn.ubuntu.com/3274-2/", "reference_id": "USN-3274-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2017-7868" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6q8q-9q3y-abhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72727?format=api", "vulnerability_id": "VCID-7fz2-29gm-eufm", "summary": "An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10531.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.74237", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.7427", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807349", "reference_id": "1807349", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807349" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953747", "reference_id": "953747", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953747" }, { "reference_url": "https://security.gentoo.org/glsa/202003-15", "reference_id": "GLSA-202003-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0738", "reference_id": "RHSA-2020:0738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0896", "reference_id": "RHSA-2020:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0897", "reference_id": "RHSA-2020:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0901", "reference_id": "RHSA-2020:0901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0902", "reference_id": "RHSA-2020:0902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1293", "reference_id": "RHSA-2020:1293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1317", "reference_id": "RHSA-2020:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1343", "reference_id": "RHSA-2020:1343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2895", "reference_id": "RHSA-2020:2895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3084", "reference_id": "RHSA-2020:3084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3084" }, { "reference_url": "https://usn.ubuntu.com/4305-1/", "reference_id": "USN-4305-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4305-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/518828?format=api", "purl": "pkg:deb/debian/icu@67.1-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f7v8-vz82-6ucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@67.1-7" } ], "aliases": [ "CVE-2020-10531" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7fz2-29gm-eufm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72712?format=api", "vulnerability_id": "VCID-8ucv-hrcz-uqau", "summary": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01738", "scoring_system": "epss", "scoring_elements": "0.8283", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01738", "scoring_system": "epss", "scoring_elements": "0.82856", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394", "reference_id": "1242394", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-2632" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ucv-hrcz-uqau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4356?format=api", "vulnerability_id": "VCID-9ubw-4yby-v3bp", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14952.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14952.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86698", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.8672", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510930", "reference_id": "1510930", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878840", "reference_id": "878840", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878840" }, { "reference_url": "https://security.archlinux.org/ASA-201711-25", "reference_id": "ASA-201711-25", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-25" }, { "reference_url": "https://security.archlinux.org/ASA-201711-26", "reference_id": "ASA-201711-26", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-26" }, { "reference_url": "https://security.archlinux.org/AVG-504", "reference_id": "AVG-504", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-504" }, { "reference_url": "https://security.archlinux.org/AVG-507", "reference_id": "AVG-507", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-507" }, { "reference_url": "https://usn.ubuntu.com/3458-1/", "reference_id": "USN-3458-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3458-1/" }, { "reference_url": "https://usn.ubuntu.com/3458-2/", "reference_id": "USN-3458-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3458-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2017-14952" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ubw-4yby-v3bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72719?format=api", "vulnerability_id": "VCID-aykx-vyhu-7yfr", "summary": "The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6293.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6293.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01066", "scoring_system": "epss", "scoring_elements": "0.78032", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01066", "scoring_system": "epss", "scoring_elements": "0.7806", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360339", "reference_id": "1360339", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360339" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-6293" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aykx-vyhu-7yfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72715?format=api", "vulnerability_id": "VCID-f3kd-641n-17ch", "summary": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09686", "scoring_system": "epss", "scoring_elements": "0.93063", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09686", "scoring_system": "epss", "scoring_elements": "0.93074", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447", "reference_id": "1242447", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-4760" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f3kd-641n-17ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5428?format=api", "vulnerability_id": "VCID-f3vg-25ur-57a4", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65578", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65631", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-30535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30535" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079", "reference_id": "990079", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079" }, { "reference_url": "https://security.archlinux.org/ASA-202106-2", "reference_id": "ASA-202106-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-2" }, { "reference_url": "https://security.archlinux.org/AVG-1990", "reference_id": "AVG-1990", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1990" }, { "reference_url": "https://security.archlinux.org/AVG-1991", "reference_id": "AVG-1991", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1991" }, { "reference_url": "https://usn.ubuntu.com/5156-1/", "reference_id": "USN-5156-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5156-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/518828?format=api", "purl": "pkg:deb/debian/icu@67.1-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f7v8-vz82-6ucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@67.1-7" } ], "aliases": [ "CVE-2021-30535" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f3vg-25ur-57a4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72729?format=api", "vulnerability_id": "VCID-f7v8-vz82-6ucj", "summary": "A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5222.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5222.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5222", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.1026", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5222" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106684", "reference_id": "1106684", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106684" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368600", "reference_id": "2368600", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368600" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-5222", "reference_id": "CVE-2025-5222", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-5222" }, { "reference_url": "https://unicode-org.atlassian.net/jira/software/c/projects/ICU/issues/ICU-22957", "reference_id": "ICU-22957", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://unicode-org.atlassian.net/jira/software/c/projects/ICU/issues/ICU-22957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11888", "reference_id": "RHSA-2025:11888", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12083", "reference_id": "RHSA-2025:12083", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12083" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12331", "reference_id": "RHSA-2025:12331", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12332", "reference_id": "RHSA-2025:12332", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12333", "reference_id": "RHSA-2025:12333", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T13:49:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12333" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1033489?format=api", "purl": "pkg:deb/debian/icu@72.1-3%2Bdeb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@72.1-3%252Bdeb12u1" } ], "aliases": [ "CVE-2025-5222" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f7v8-vz82-6ucj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72708?format=api", "vulnerability_id": "VCID-fmhx-7a3k-ffdx", "summary": "Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.83153", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.83178", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383569", "reference_id": "1383569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383569" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-9911" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fmhx-7a3k-ffdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4331?format=api", "vulnerability_id": "VCID-hkbb-bc99-yqdd", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85888", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85909", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", "reference_id": "1523136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766", "reference_id": "892766", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766" }, { "reference_url": "https://security.archlinux.org/ASA-201712-5", "reference_id": "ASA-201712-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-5" }, { "reference_url": "https://security.archlinux.org/AVG-544", "reference_id": "AVG-544", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3401", "reference_id": "RHSA-2017:3401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3401" }, { "reference_url": "https://usn.ubuntu.com/3610-1/", "reference_id": "USN-3610-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3610-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2017-15422" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkbb-bc99-yqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72710?format=api", "vulnerability_id": "VCID-k1bn-aprc-m3ht", "summary": "The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1270.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1270.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.79153", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.79179", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245574", "reference_id": "1245574", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245574" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798647", "reference_id": "798647", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798647" }, { "reference_url": "https://security.gentoo.org/glsa/201603-09", "reference_id": "GLSA-201603-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1499", "reference_id": "RHSA-2015:1499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1499" }, { "reference_url": "https://usn.ubuntu.com/2677-1/", "reference_id": "USN-2677-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2677-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-1270" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1bn-aprc-m3ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72706?format=api", "vulnerability_id": "VCID-qwzq-dmn1-j7fy", "summary": "The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97501", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97507", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200", "reference_id": "1176200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" }, { "reference_url": "https://usn.ubuntu.com/2605-1/", "reference_id": "USN-2605-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2605-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-8147" ], "risk_score": 0.8, "exploitability": "2.0", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwzq-dmn1-j7fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72728?format=api", "vulnerability_id": "VCID-un3w-2ee4-jbcy", "summary": "International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-21913.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-21913.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-21913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27295", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27363", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-21913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21913" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006950", "reference_id": "2006950", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006950" }, { "reference_url": "https://usn.ubuntu.com/5133-1/", "reference_id": "USN-5133-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5133-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/518828?format=api", "purl": "pkg:deb/debian/icu@67.1-7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f7v8-vz82-6ucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@67.1-7" } ], "aliases": [ "CVE-2020-21913" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-un3w-2ee4-jbcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72723?format=api", "vulnerability_id": "VCID-wpkr-mbq4-ekg5", "summary": "International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0112", "scoring_system": "epss", "scoring_elements": "0.78576", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0112", "scoring_system": "epss", "scoring_elements": "0.78603", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097", "reference_id": "1444097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" }, { "reference_url": "https://usn.ubuntu.com/3274-1/", "reference_id": "USN-3274-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-1/" }, { "reference_url": "https://usn.ubuntu.com/3274-2/", "reference_id": "USN-3274-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2017-7867" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpkr-mbq4-ekg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72726?format=api", "vulnerability_id": "VCID-xdhx-y4jj-xfeu", "summary": "International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.70205", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00612", "scoring_system": "epss", "scoring_elements": "0.70247", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18928" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646702", "reference_id": "1646702", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646702" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2018-18928" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xdhx-y4jj-xfeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72721?format=api", "vulnerability_id": "VCID-yzqr-kpjj-akgj", "summary": "Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7415.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.7928", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.79306", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377361", "reference_id": "1377361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377361" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694", "reference_id": "838694", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-7415" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yzqr-kpjj-akgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72705?format=api", "vulnerability_id": "VCID-zkex-ss5h-5ke5", "summary": "The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96359", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96364", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197", "reference_id": "1176197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" }, { "reference_url": "https://usn.ubuntu.com/2605-1/", "reference_id": "USN-2605-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2605-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-8146" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkex-ss5h-5ke5" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72717?format=api", "vulnerability_id": "VCID-3hng-5n5z-7faw", "summary": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4844.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11054", "scoring_system": "epss", "scoring_elements": "0.93584", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.11054", "scoring_system": "epss", "scoring_elements": "0.93594", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318", "reference_id": "1273318", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273318" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1919", "reference_id": "RHSA-2015:1919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1920", "reference_id": "RHSA-2015:1920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1921", "reference_id": "RHSA-2015:1921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1926", "reference_id": "RHSA-2015:1926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1927", "reference_id": "RHSA-2015:1927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1928", "reference_id": "RHSA-2015:1928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2086", "reference_id": "RHSA-2015:2086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2506", "reference_id": "RHSA-2015:2506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2507", "reference_id": "RHSA-2015:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2508", "reference_id": "RHSA-2015:2508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2509", "reference_id": "RHSA-2015:2509", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2509" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2518", "reference_id": "RHSA-2015:2518", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2784-1/", "reference_id": "USN-2784-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2784-1/" }, { "reference_url": "https://usn.ubuntu.com/2827-1/", "reference_id": "USN-2827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2827-1/" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-4844" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3hng-5n5z-7faw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72718?format=api", "vulnerability_id": "VCID-6grx-g6uw-yybd", "summary": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05634", "scoring_system": "epss", "scoring_elements": "0.90506", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05634", "scoring_system": "epss", "scoring_elements": "0.90521", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906", "reference_id": "1298906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298906" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201610-08", "reference_id": "GLSA-201610-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0049", "reference_id": "RHSA-2016:0049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0050", "reference_id": "RHSA-2016:0050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0053", "reference_id": "RHSA-2016:0053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0054", "reference_id": "RHSA-2016:0054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0055", "reference_id": "RHSA-2016:0055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0056", "reference_id": "RHSA-2016:0056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0057", "reference_id": "RHSA-2016:0057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0067", "reference_id": "RHSA-2016:0067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0098", "reference_id": "RHSA-2016:0098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0099", "reference_id": "RHSA-2016:0099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0100", "reference_id": "RHSA-2016:0100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0101", "reference_id": "RHSA-2016:0101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1430", "reference_id": "RHSA-2016:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "reference_url": "https://usn.ubuntu.com/2884-1/", "reference_id": "USN-2884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2884-1/" }, { "reference_url": "https://usn.ubuntu.com/2885-1/", "reference_id": "USN-2885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2885-1/" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-0494" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6grx-g6uw-yybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72724?format=api", "vulnerability_id": "VCID-6q8q-9q3y-abhc", "summary": "International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77775", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0104", "scoring_system": "epss", "scoring_elements": "0.77802", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098", "reference_id": "1444098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444098" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" }, { "reference_url": "https://usn.ubuntu.com/3274-1/", "reference_id": "USN-3274-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-1/" }, { "reference_url": "https://usn.ubuntu.com/3274-2/", "reference_id": "USN-3274-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2017-7868" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6q8q-9q3y-abhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72712?format=api", "vulnerability_id": "VCID-8ucv-hrcz-uqau", "summary": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01738", "scoring_system": "epss", "scoring_elements": "0.8283", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01738", "scoring_system": "epss", "scoring_elements": "0.82856", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394", "reference_id": "1242394", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242394" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-2632" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ucv-hrcz-uqau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72719?format=api", "vulnerability_id": "VCID-aykx-vyhu-7yfr", "summary": "The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6293.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6293.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01066", "scoring_system": "epss", "scoring_elements": "0.78032", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01066", "scoring_system": "epss", "scoring_elements": "0.7806", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360339", "reference_id": "1360339", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360339" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-6293" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aykx-vyhu-7yfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72715?format=api", "vulnerability_id": "VCID-f3kd-641n-17ch", "summary": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09686", "scoring_system": "epss", "scoring_elements": "0.93063", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09686", "scoring_system": "epss", "scoring_elements": "0.93074", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0477" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0480" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2613" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4731" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447", "reference_id": "1242447", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1242447" }, { "reference_url": "https://security.gentoo.org/glsa/201603-11", "reference_id": "GLSA-201603-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-11" }, { "reference_url": "https://security.gentoo.org/glsa/201603-14", "reference_id": "GLSA-201603-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1228", "reference_id": "RHSA-2015:1228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1229", "reference_id": "RHSA-2015:1229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1230", "reference_id": "RHSA-2015:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1241", "reference_id": "RHSA-2015:1241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1242", "reference_id": "RHSA-2015:1242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1243", "reference_id": "RHSA-2015:1243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1485", "reference_id": "RHSA-2015:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1486", "reference_id": "RHSA-2015:1486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1488", "reference_id": "RHSA-2015:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1526", "reference_id": "RHSA-2015:1526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1544", "reference_id": "RHSA-2015:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1604", "reference_id": "RHSA-2015:1604", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1604" }, { "reference_url": "https://usn.ubuntu.com/2696-1/", "reference_id": "USN-2696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2696-1/" }, { "reference_url": "https://usn.ubuntu.com/2706-1/", "reference_id": "USN-2706-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2706-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-4760" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f3kd-641n-17ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72708?format=api", "vulnerability_id": "VCID-fmhx-7a3k-ffdx", "summary": "Stack-based buffer overflow in the ures_getByKeyWithFallback function in common/uresbund.cpp in International Components for Unicode (ICU) before 54.1 for C/C++ allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted uloc_getDisplayName call.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.83153", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01804", "scoring_system": "epss", "scoring_elements": "0.83178", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383569", "reference_id": "1383569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383569" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-9911" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fmhx-7a3k-ffdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4331?format=api", "vulnerability_id": "VCID-hkbb-bc99-yqdd", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85888", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02598", "scoring_system": "epss", "scoring_elements": "0.85909", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", "reference_id": "1523136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766", "reference_id": "892766", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892766" }, { "reference_url": "https://security.archlinux.org/ASA-201712-5", "reference_id": "ASA-201712-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-5" }, { "reference_url": "https://security.archlinux.org/AVG-544", "reference_id": "AVG-544", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3401", "reference_id": "RHSA-2017:3401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3401" }, { "reference_url": "https://usn.ubuntu.com/3610-1/", "reference_id": "USN-3610-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3610-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/5830?format=api", "purl": "pkg:deb/debian/icu@63.1-6%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@63.1-6%252Bdeb10u3" } ], "aliases": [ "CVE-2017-15422" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkbb-bc99-yqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72710?format=api", "vulnerability_id": "VCID-k1bn-aprc-m3ht", "summary": "The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1270.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1270.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.79153", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01188", "scoring_system": "epss", "scoring_elements": "0.79179", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245574", "reference_id": "1245574", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245574" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798647", "reference_id": "798647", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798647" }, { "reference_url": "https://security.gentoo.org/glsa/201603-09", "reference_id": "GLSA-201603-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1499", "reference_id": "RHSA-2015:1499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1499" }, { "reference_url": "https://usn.ubuntu.com/2677-1/", "reference_id": "USN-2677-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2677-1/" }, { "reference_url": "https://usn.ubuntu.com/2740-1/", "reference_id": "USN-2740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2015-1270" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1bn-aprc-m3ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72706?format=api", "vulnerability_id": "VCID-qwzq-dmn1-j7fy", "summary": "The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97501", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.41904", "scoring_system": "epss", "scoring_elements": "0.97507", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200", "reference_id": "1176200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176200" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" }, { "reference_url": "https://usn.ubuntu.com/2605-1/", "reference_id": "USN-2605-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2605-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-8147" ], "risk_score": 0.8, "exploitability": "2.0", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwzq-dmn1-j7fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72723?format=api", "vulnerability_id": "VCID-wpkr-mbq4-ekg5", "summary": "International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7867.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0112", "scoring_system": "epss", "scoring_elements": "0.78576", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0112", "scoring_system": "epss", "scoring_elements": "0.78603", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097", "reference_id": "1444097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444097" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314", "reference_id": "860314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860314" }, { "reference_url": "https://security.gentoo.org/glsa/201710-03", "reference_id": "GLSA-201710-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-03" }, { "reference_url": "https://usn.ubuntu.com/3274-1/", "reference_id": "USN-3274-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-1/" }, { "reference_url": "https://usn.ubuntu.com/3274-2/", "reference_id": "USN-3274-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3274-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2017-7867" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpkr-mbq4-ekg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72721?format=api", "vulnerability_id": "VCID-yzqr-kpjj-akgj", "summary": "Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7415.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.7928", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.79306", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377361", "reference_id": "1377361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377361" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694", "reference_id": "838694", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838694" }, { "reference_url": "https://security.gentoo.org/glsa/201701-58", "reference_id": "GLSA-201701-58", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-58" }, { "reference_url": "https://usn.ubuntu.com/3227-1/", "reference_id": "USN-3227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2016-7415" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yzqr-kpjj-akgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72705?format=api", "vulnerability_id": "VCID-zkex-ss5h-5ke5", "summary": "The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8146.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96359", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.25808", "scoring_system": "epss", "scoring_elements": "0.96364", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4760" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197", "reference_id": "1176197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773", "reference_id": "784773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784773" }, { "reference_url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://github.com/pedrib/PoC/blob/a2842a650de88c582e963493d5e2711aa4a1b747/advisories/i-c-u-fail.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt", "reference_id": "CVE-2014-8147;CVE-2014-8146", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43887.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201507-04", "reference_id": "GLSA-201507-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201507-04" }, { "reference_url": "https://usn.ubuntu.com/2605-1/", "reference_id": "USN-2605-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2605-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4544?format=api", "purl": "pkg:deb/debian/icu@4.8.1.1-12%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1937-rk84-qydq" }, { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-3yjj-bp6d-tkab" }, { "vulnerability": "VCID-562t-my7q-fkhk" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-bkbn-dxg2-dqfk" }, { "vulnerability": "VCID-excs-dj44-yfby" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fbng-2ww3-6bdu" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-kauc-686u-jqeh" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-rz8q-v7bh-9fe1" }, { "vulnerability": "VCID-scv7-4fwv-vyek" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-wsen-t4x7-wuhc" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yhgb-pmpp-9uc2" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.8.1.1-12%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4546?format=api", "purl": "pkg:deb/debian/icu@52.1-8%2Bdeb8u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3hng-5n5z-7faw" }, { "vulnerability": "VCID-6grx-g6uw-yybd" }, { "vulnerability": "VCID-6q8q-9q3y-abhc" }, { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-8ucv-hrcz-uqau" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-aykx-vyhu-7yfr" }, { "vulnerability": "VCID-f3kd-641n-17ch" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-fmhx-7a3k-ffdx" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-k1bn-aprc-m3ht" }, { "vulnerability": "VCID-qwzq-dmn1-j7fy" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-wpkr-mbq4-ekg5" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" }, { "vulnerability": "VCID-yzqr-kpjj-akgj" }, { "vulnerability": "VCID-zkex-ss5h-5ke5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/5083?format=api", "purl": "pkg:deb/debian/icu@57.1-6%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7fz2-29gm-eufm" }, { "vulnerability": "VCID-9ubw-4yby-v3bp" }, { "vulnerability": "VCID-f3vg-25ur-57a4" }, { "vulnerability": "VCID-f7v8-vz82-6ucj" }, { "vulnerability": "VCID-hkbb-bc99-yqdd" }, { "vulnerability": "VCID-un3w-2ee4-jbcy" }, { "vulnerability": "VCID-xdhx-y4jj-xfeu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@57.1-6%252Bdeb9u4" } ], "aliases": [ "CVE-2014-8146" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkex-ss5h-5ke5" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@52.1-8%252Bdeb8u7" }