Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/519335?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/519335?format=api", "purl": "pkg:maven/io.netty/netty-codec@4.0.0.CR3", "type": "maven", "namespace": "io.netty", "name": "netty-codec", "version": "4.0.0.CR3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.1.133.Final", "latest_non_vulnerable_version": "4.1.133.Final", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9849?format=api", "vulnerability_id": "VCID-5d41-qjjm-k7h7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37137.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37137.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02383", "scoring_system": "epss", "scoring_elements": "0.85391", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02383", "scoring_system": "epss", "scoring_elements": "0.85398", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02383", "scoring_system": "epss", "scoring_elements": "0.85389", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02383", "scoring_system": "epss", "scoring_elements": "0.85337", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41915" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/netty/netty", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty" }, { "reference_url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java#L171", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java#L171" }, { "reference_url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java#L185", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java#L185" }, { "reference_url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java#L79", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/SnappyFrameDecoder.java#L79" }, { "reference_url": "https://github.com/netty/netty/commit/6da4956b31023ae967451e1d94ff51a746a9194f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/commit/6da4956b31023ae967451e1d94ff51a746a9194f" }, { "reference_url": "https://github.com/netty/netty/security/advisories/GHSA-9vjp-v76f-g363", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/security/advisories/GHSA-9vjp-v76f-g363" }, { "reference_url": "https://lists.apache.org/thread.html/r06a145c9bd41a7344da242cef07977b24abe3349161ede948e30913d@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r06a145c9bd41a7344da242cef07977b24abe3349161ede948e30913d@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5406eaf3b07577d233b9f07cfc8f26e28369e6bab5edfcab41f28abb@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r5406eaf3b07577d233b9f07cfc8f26e28369e6bab5edfcab41f28abb@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5e05eba32476c580412f9fbdfc9b8782d5b40558018ac4ac07192a04@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r5e05eba32476c580412f9fbdfc9b8782d5b40558018ac4ac07192a04@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd262f59b1586a108e320e5c966feeafbb1b8cdc96965debc7cc10b16@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd262f59b1586a108e320e5c966feeafbb1b8cdc96965debc7cc10b16@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfb2bf8597e53364ccab212fbcbb2a4e9f0a9e1429b1dc08023c6868e@%3Cdev.tinkerpop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rfb2bf8597e53364ccab212fbcbb2a4e9f0a9e1429b1dc08023c6868e@%3Cdev.tinkerpop.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220210-0012", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220210-0012" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220210-0012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220210-0012/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5316", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2023/dsa-5316" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014769", "reference_id": "1014769", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014769" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135", "reference_id": "2004135", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135" }, { "reference_url": "https://github.com/advisories/GHSA-9vjp-v76f-g363", "reference_id": "GHSA-9vjp-v76f-g363", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9vjp-v76f-g363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3959", "reference_id": "RHSA-2021:3959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4851", "reference_id": "RHSA-2021:4851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5127", "reference_id": "RHSA-2021:5127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5128", "reference_id": "RHSA-2021:5128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5129", "reference_id": "RHSA-2021:5129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5134", "reference_id": "RHSA-2021:5134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0138", "reference_id": "RHSA-2022:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0520", "reference_id": "RHSA-2022:0520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0589", "reference_id": "RHSA-2022:0589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1013", "reference_id": "RHSA-2022:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2216", "reference_id": "RHSA-2022:2216", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2217", "reference_id": "RHSA-2022:2217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2218", "reference_id": "RHSA-2022:2218", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2218" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4918", "reference_id": "RHSA-2022:4918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4919", "reference_id": "RHSA-2022:4919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4922", "reference_id": "RHSA-2022:4922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5903", "reference_id": "RHSA-2022:5903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6835", "reference_id": "RHSA-2022:6835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8506", "reference_id": "RHSA-2022:8506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3223", "reference_id": "RHSA-2023:3223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5165", "reference_id": "RHSA-2023:5165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9582", "reference_id": "RHSA-2025:9582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9583", "reference_id": "RHSA-2025:9583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9583" }, { "reference_url": "https://usn.ubuntu.com/6049-1/", "reference_id": "USN-6049-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6049-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/382555?format=api", "purl": "pkg:maven/io.netty/netty-codec@4.1.68.Final", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cdtg-fkv9-e3fa" }, { "vulnerability": "VCID-ptca-mxsw-fqfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec@4.1.68.Final" }, { "url": "http://public2.vulnerablecode.io/api/packages/391801?format=api", "purl": "pkg:maven/io.netty/netty-codec@4.1.68", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec@4.1.68" } ], "aliases": [ "CVE-2021-37137", "GHSA-9vjp-v76f-g363" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5d41-qjjm-k7h7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9848?format=api", "vulnerability_id": "VCID-b1r2-zd7t-8uef", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37136.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37136.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37136", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01187", "scoring_system": "epss", "scoring_elements": "0.79289", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01187", "scoring_system": "epss", "scoring_elements": "0.79294", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01187", "scoring_system": "epss", "scoring_elements": "0.79281", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01187", "scoring_system": "epss", "scoring_elements": "0.79216", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37136" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41915" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/netty/netty", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty" }, { "reference_url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java#L294", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java#L294" }, { "reference_url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java#L305", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java#L305" }, { "reference_url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java#L80", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/blob/4.1/codec/src/main/java/io/netty/handler/codec/compression/Bzip2Decoder.java#L80" }, { "reference_url": "https://github.com/netty/netty/commit/41d3d61a61608f2223bb364955ab2045dd5e4020", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/commit/41d3d61a61608f2223bb364955ab2045dd5e4020" }, { "reference_url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv" }, { "reference_url": "https://lists.apache.org/thread.html/r06a145c9bd41a7344da242cef07977b24abe3349161ede948e30913d@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r06a145c9bd41a7344da242cef07977b24abe3349161ede948e30913d@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5406eaf3b07577d233b9f07cfc8f26e28369e6bab5edfcab41f28abb@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r5406eaf3b07577d233b9f07cfc8f26e28369e6bab5edfcab41f28abb@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r5e05eba32476c580412f9fbdfc9b8782d5b40558018ac4ac07192a04@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r5e05eba32476c580412f9fbdfc9b8782d5b40558018ac4ac07192a04@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r75490c61c2cb7b6ae2c81238fd52ae13636c60435abcd732d41531a0@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rd262f59b1586a108e320e5c966feeafbb1b8cdc96965debc7cc10b16@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rd262f59b1586a108e320e5c966feeafbb1b8cdc96965debc7cc10b16@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rfb2bf8597e53364ccab212fbcbb2a4e9f0a9e1429b1dc08023c6868e@%3Cdev.tinkerpop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rfb2bf8597e53364ccab212fbcbb2a4e9f0a9e1429b1dc08023c6868e@%3Cdev.tinkerpop.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220210-0012", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220210-0012" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220210-0012/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220210-0012/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5316", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2023/dsa-5316" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014769", "reference_id": "1014769", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014769" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133", "reference_id": "2004133", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133" }, { "reference_url": "https://github.com/advisories/GHSA-grg4-wf29-r9vv", "reference_id": "GHSA-grg4-wf29-r9vv", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-grg4-wf29-r9vv" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3959", "reference_id": "RHSA-2021:3959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4851", "reference_id": "RHSA-2021:4851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5127", "reference_id": "RHSA-2021:5127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5128", "reference_id": "RHSA-2021:5128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5129", "reference_id": "RHSA-2021:5129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5134", "reference_id": "RHSA-2021:5134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0138", "reference_id": "RHSA-2022:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0520", "reference_id": "RHSA-2022:0520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0589", "reference_id": "RHSA-2022:0589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0589" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1013", "reference_id": "RHSA-2022:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2216", "reference_id": "RHSA-2022:2216", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2217", "reference_id": "RHSA-2022:2217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2218", "reference_id": "RHSA-2022:2218", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2218" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4918", "reference_id": "RHSA-2022:4918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4919", "reference_id": "RHSA-2022:4919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4922", "reference_id": "RHSA-2022:4922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5903", "reference_id": "RHSA-2022:5903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6835", "reference_id": "RHSA-2022:6835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8506", "reference_id": "RHSA-2022:8506", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8506" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3223", "reference_id": "RHSA-2023:3223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5165", "reference_id": "RHSA-2023:5165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9582", "reference_id": "RHSA-2025:9582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9583", "reference_id": "RHSA-2025:9583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9583" }, { "reference_url": "https://usn.ubuntu.com/6049-1/", "reference_id": "USN-6049-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6049-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/382555?format=api", "purl": "pkg:maven/io.netty/netty-codec@4.1.68.Final", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cdtg-fkv9-e3fa" }, { "vulnerability": "VCID-ptca-mxsw-fqfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec@4.1.68.Final" }, { "url": "http://public2.vulnerablecode.io/api/packages/391801?format=api", "purl": "pkg:maven/io.netty/netty-codec@4.1.68", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec@4.1.68" } ], "aliases": [ "CVE-2021-37136", "GHSA-grg4-wf29-r9vv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b1r2-zd7t-8uef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28686?format=api", "vulnerability_id": "VCID-cdtg-fkv9-e3fa", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-42583", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04329", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04315", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04319", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.05123", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-42583" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42583", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42583" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/netty/netty", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914", "reference_id": "1139914", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914" }, { "reference_url": "https://github.com/advisories/GHSA-mj4r-2hfc-f8p6", "reference_id": "GHSA-mj4r-2hfc-f8p6", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mj4r-2hfc-f8p6" }, { "reference_url": "https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6", "reference_id": "GHSA-mj4r-2hfc-f8p6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-14T15:40:38Z/" } ], "url": "https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/375983?format=api", "purl": "pkg:maven/io.netty/netty-codec@4.1.133.Final", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec@4.1.133.Final" }, { "url": "http://public2.vulnerablecode.io/api/packages/1206418?format=api", "purl": "pkg:maven/io.netty/netty-codec@4.1.133", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec@4.1.133" } ], "aliases": [ "CVE-2026-42583", "GHSA-mj4r-2hfc-f8p6" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cdtg-fkv9-e3fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25653?format=api", "vulnerability_id": "VCID-ptca-mxsw-fqfj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58057.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58057.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58057", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19905", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.20071", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.20096", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.20077", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58057" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/netty/netty", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58057", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58057" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113994", "reference_id": "1113994", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113994" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393000", "reference_id": "2393000", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393000" }, { "reference_url": "https://github.com/netty/netty/commit/9d804c54ce962408ae6418255a83a13924f7145d", "reference_id": "9d804c54ce962408ae6418255a83a13924f7145d", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:59:14Z/" } ], "url": "https://github.com/netty/netty/commit/9d804c54ce962408ae6418255a83a13924f7145d" }, { "reference_url": "https://github.com/advisories/GHSA-3p8m-j85q-pgmj", "reference_id": "GHSA-3p8m-j85q-pgmj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3p8m-j85q-pgmj" }, { "reference_url": "https://github.com/netty/netty/security/advisories/GHSA-3p8m-j85q-pgmj", "reference_id": "GHSA-3p8m-j85q-pgmj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:59:14Z/" } ], "url": "https://github.com/netty/netty/security/advisories/GHSA-3p8m-j85q-pgmj" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17187", "reference_id": "RHSA-2025:17187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17563", "reference_id": "RHSA-2025:17563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19077", "reference_id": "RHSA-2025:19077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23417", "reference_id": "RHSA-2025:23417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3951", "reference_id": "RHSA-2026:3951", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3951" }, { "reference_url": "https://usn.ubuntu.com/7918-1/", "reference_id": "USN-7918-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7918-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376836?format=api", "purl": "pkg:maven/io.netty/netty-codec@4.1.125.Final", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cdtg-fkv9-e3fa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec@4.1.125.Final" } ], "aliases": [ "CVE-2025-58057", "GHSA-3p8m-j85q-pgmj" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptca-mxsw-fqfj" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec@4.0.0.CR3" }