Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/glibc@0?distro=trixie

Type deb

Namespace debian

Name glibc

Version 0

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.2-1

Latest_non_vulnerable_version 2.42-15

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-cs4a-sme5-7yha

vulnerability_id VCID-cs4a-sme5-7yha

summary

Multiple vulnerabilities have been found in GNU C Library, the
    worst of which allowing arbitrary code execution and privilege escalation.

references

reference_url	http://lists.debian.org/debian-security-announce/2011/msg00005.html
reference_id
reference_type
scores
url	http://lists.debian.org/debian-security-announce/2011/msg00005.html

reference_url	http://openwall.com/lists/oss-security/2011/02/01/3
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2011/02/01/3

reference_url	http://openwall.com/lists/oss-security/2011/02/03/2
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2011/02/03/2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0536.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0536.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0536

reference_id

reference_type

scores

value	0.00282
scoring_system	epss
scoring_elements	0.51609
published_at	2026-04-21T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.5148
published_at	2026-04-01T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51532
published_at	2026-04-02T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51559
published_at	2026-04-04T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51519
published_at	2026-04-07T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51573
published_at	2026-04-08T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.5157
published_at	2026-04-09T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.5162
published_at	2026-04-11T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51599
published_at	2026-04-12T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51582
published_at	2026-04-13T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51624
published_at	2026-04-16T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51631
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0536

reference_url	http://secunia.com/advisories/43830
reference_id
reference_type
scores
url	http://secunia.com/advisories/43830

reference_url	http://secunia.com/advisories/43989
reference_id
reference_type
scores
url	http://secunia.com/advisories/43989

reference_url	http://secunia.com/advisories/46397
reference_id
reference_type
scores
url	http://secunia.com/advisories/46397

reference_url	http://securitytracker.com/id?1025289
reference_id
reference_type
scores
url	http://securitytracker.com/id?1025289

reference_url	https://launchpad.net/bugs/701783
reference_id
reference_type
scores
url	https://launchpad.net/bugs/701783

reference_url	http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699
reference_id
reference_type
scores
url	http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=96611391ad8823ba58405325d78cefeae5cdf699

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13086

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:178
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:178

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0412.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0412.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0413.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0413.html

reference_url	http://www.securityfocus.com/archive/1/520102/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/520102/100/0/threaded

reference_url	http://www.ubuntu.com/usn/USN-1009-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-1009-2

reference_url	http://www.vmware.com/security/advisories/VMSA-2011-0012.html
reference_id
reference_type
scores
url	http://www.vmware.com/security/advisories/VMSA-2011-0012.html

reference_url	http://www.vupen.com/english/advisories/2011/0863
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0863

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=667974
reference_id	667974
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=667974

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.12-1.7.el6_0.3:::::::*
reference_id	cpe:2.3:a:gnu:glibc:2.12-1.7.el6_0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.12-1.7.el6_0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.5-49.el5_5.6:::::::*
reference_id	cpe:2.3:a:gnu:glibc:2.5-49.el5_5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.5-49.el5_5.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux::::::::
reference_id	cpe:2.3:o:redhat:enterprise_linux::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0536

reference_id

CVE-2011-0536

reference_type

scores

value	6.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0536

reference_url	https://security.gentoo.org/glsa/201312-01
reference_id	GLSA-201312-01
reference_type
scores
url	https://security.gentoo.org/glsa/201312-01

reference_url	https://access.redhat.com/errata/RHSA-2011:0412
reference_id	RHSA-2011:0412
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0412

reference_url	https://access.redhat.com/errata/RHSA-2011:0413
reference_id	RHSA-2011:0413
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0413

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2011-0536

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cs4a-sme5-7yha

url VCID-dgmx-612a-eqfq

vulnerability_id VCID-dgmx-612a-eqfq

summary Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38604.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38604.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-38604

reference_id

reference_type

scores

value	0.00102
scoring_system	epss
scoring_elements	0.28049
published_at	2026-04-01T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.27919
published_at	2026-04-21T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.27968
published_at	2026-04-18T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.28121
published_at	2026-04-02T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.27985
published_at	2026-04-16T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.27977
published_at	2026-04-13T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.28034
published_at	2026-04-12T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.28077
published_at	2026-04-11T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.2807
published_at	2026-04-09T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.28028
published_at	2026-04-08T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.28164
published_at	2026-04-04T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.2796
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-38604

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1993517
reference_id	1993517
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1993517

reference_url

https://security.archlinux.org/AVG-2293

reference_id

AVG-2293

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2293

reference_url

https://security.gentoo.org/glsa/202208-24

reference_id

GLSA-202208-24

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:18:15Z/

url

https://security.gentoo.org/glsa/202208-24

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/

reference_id

GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:18:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/

reference_url

https://security.netapp.com/advisory/ntap-20210909-0005/

reference_id

ntap-20210909-0005

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:18:15Z/

url

https://security.netapp.com/advisory/ntap-20210909-0005/

reference_url

https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641

reference_id

?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:18:15Z/

url

https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=4cc79c217744743077bf7a0ec5e0a4318f1e6641

reference_url

https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8

reference_id

?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:18:15Z/

url

https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=b805aebd42364fe696e417808a700fdb9800c9e8

reference_url

https://sourceware.org/bugzilla/show_bug.cgi?id=28213

reference_id

show_bug.cgi?id=28213

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:18:15Z/

url

https://sourceware.org/bugzilla/show_bug.cgi?id=28213

reference_url

https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc

reference_id

tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:18:15Z/

url

https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2021-38604

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgmx-612a-eqfq

url VCID-duv1-qtpd-ybdg

vulnerability_id VCID-duv1-qtpd-ybdg

summary glibc: vDSO getrandom acceleration may return predictable randomness

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0577.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0577.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-0577

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01538
published_at	2026-04-21T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01436
published_at	2026-04-16T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01451
published_at	2026-04-18T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03365
published_at	2026-04-11T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03336
published_at	2026-04-12T12:55:00Z

value	0.00015
scoring_system	epss
scoring_elements	0.03313
published_at	2026-04-13T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03554
published_at	2026-04-04T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03564
published_at	2026-04-08T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03586
published_at	2026-04-09T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03563
published_at	2026-04-07T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.0354
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-0577

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2338871
reference_id	2338871
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2338871

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2025-0577

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-duv1-qtpd-ybdg

url VCID-et4n-9tuq-k3ct

vulnerability_id VCID-et4n-9tuq-k3ct

summary Multiple vulnerabilities in glibc could result in Local Privilege Escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6246.json

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6246.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6246

reference_id

reference_type

scores

value	0.25481
scoring_system	epss
scoring_elements	0.96234
published_at	2026-04-21T12:55:00Z

value	0.25481
scoring_system	epss
scoring_elements	0.96219
published_at	2026-04-12T12:55:00Z

value	0.25481
scoring_system	epss
scoring_elements	0.96221
published_at	2026-04-13T12:55:00Z

value	0.25481
scoring_system	epss
scoring_elements	0.96229
published_at	2026-04-16T12:55:00Z

value	0.25481
scoring_system	epss
scoring_elements	0.96233
published_at	2026-04-18T12:55:00Z

value	0.26964
scoring_system	epss
scoring_elements	0.9634
published_at	2026-04-02T12:55:00Z

value	0.26964
scoring_system	epss
scoring_elements	0.96356
published_at	2026-04-08T12:55:00Z

value	0.26964
scoring_system	epss
scoring_elements	0.96348
published_at	2026-04-07T12:55:00Z

value	0.26964
scoring_system	epss
scoring_elements	0.96344
published_at	2026-04-04T12:55:00Z

value	0.26964
scoring_system	epss
scoring_elements	0.9636
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6246

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2249053

reference_id

2249053

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2249053

reference_url

http://seclists.org/fulldisclosure/2024/Feb/3

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

http://seclists.org/fulldisclosure/2024/Feb/3

reference_url

http://seclists.org/fulldisclosure/2024/Feb/5

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

http://seclists.org/fulldisclosure/2024/Feb/5

reference_url

https://www.openwall.com/lists/oss-security/2024/01/30/6

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

https://www.openwall.com/lists/oss-security/2024/01/30/6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2023-6246

reference_id

CVE-2023-6246

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

https://access.redhat.com/security/cve/CVE-2023-6246

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/

reference_id

D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/

reference_url

http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html

reference_id

glibc-qsort-Out-Of-Bounds-Read-Write.html

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html

reference_url

http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html

reference_id

glibc-syslog-Heap-Based-Buffer-Overflow.html

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html

reference_url

https://security.gentoo.org/glsa/202402-01

reference_id

GLSA-202402-01

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

https://security.gentoo.org/glsa/202402-01

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/

reference_id

MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/

reference_url

https://security.netapp.com/advisory/ntap-20240216-0007/

reference_id

ntap-20240216-0007

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

https://security.netapp.com/advisory/ntap-20240216-0007/

reference_url

https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt

reference_id

syslog.txt

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-09T05:00:28Z/

url

https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt

reference_url	https://usn.ubuntu.com/6620-1/
reference_id	USN-6620-1
reference_type
scores
url	https://usn.ubuntu.com/6620-1/

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u4%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.37-15?distro=trixie
purl	pkg:deb/debian/glibc@2.37-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-15%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2023-6246

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-et4n-9tuq-k3ct

url VCID-jkcw-geyg-t3e5

vulnerability_id VCID-jkcw-geyg-t3e5

summary Multiple vulnerabilities in glibc could result in Local Privilege Escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6780.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6780.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6780

reference_id

reference_type

scores

value	0.00215
scoring_system	epss
scoring_elements	0.4403
published_at	2026-04-21T12:55:00Z

value	0.00215
scoring_system	epss
scoring_elements	0.44092
published_at	2026-04-11T12:55:00Z

value	0.00215
scoring_system	epss
scoring_elements	0.4406
published_at	2026-04-12T12:55:00Z

value	0.00215
scoring_system	epss
scoring_elements	0.44044
published_at	2026-04-13T12:55:00Z

value	0.00215
scoring_system	epss
scoring_elements	0.44105
published_at	2026-04-16T12:55:00Z

value	0.00215
scoring_system	epss
scoring_elements	0.44096
published_at	2026-04-18T12:55:00Z

value	0.00234
scoring_system	epss
scoring_elements	0.4625
published_at	2026-04-04T12:55:00Z

value	0.00234
scoring_system	epss
scoring_elements	0.46231
published_at	2026-04-02T12:55:00Z

value	0.00234
scoring_system	epss
scoring_elements	0.46256
published_at	2026-04-09T12:55:00Z

value	0.00234
scoring_system	epss
scoring_elements	0.46254
published_at	2026-04-08T12:55:00Z

value	0.00234
scoring_system	epss
scoring_elements	0.46198
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6780

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2254396

reference_id

2254396

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T16:36:34Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2254396

reference_url

http://seclists.org/fulldisclosure/2024/Feb/3

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T16:36:34Z/

url

http://seclists.org/fulldisclosure/2024/Feb/3

reference_url

https://www.openwall.com/lists/oss-security/2024/01/30/6

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T16:36:34Z/

url

https://www.openwall.com/lists/oss-security/2024/01/30/6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2023-6780

reference_id

CVE-2023-6780

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T16:36:34Z/

url

https://access.redhat.com/security/cve/CVE-2023-6780

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/

reference_id

D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T16:36:34Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/

reference_url

http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html

reference_id

glibc-syslog-Heap-Based-Buffer-Overflow.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T16:36:34Z/

url

http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html

reference_url

https://security.gentoo.org/glsa/202402-01

reference_id

GLSA-202402-01

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T16:36:34Z/

url

https://security.gentoo.org/glsa/202402-01

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/

reference_id

MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T16:36:34Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/

reference_url

https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt

reference_id

syslog.txt

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T16:36:34Z/

url

https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt

reference_url	https://usn.ubuntu.com/6620-1/
reference_id	USN-6620-1
reference_type
scores
url	https://usn.ubuntu.com/6620-1/

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u4%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.37-15?distro=trixie
purl	pkg:deb/debian/glibc@2.37-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-15%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2023-6780

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jkcw-geyg-t3e5

url VCID-k8c9-hx6q-mbfq

vulnerability_id VCID-k8c9-hx6q-mbfq

summary Multiple vulnerabilities in glibc could result in Local Privilege Escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39046.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39046.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-39046

reference_id

reference_type

scores

value	0.00685
scoring_system	epss
scoring_elements	0.71628
published_at	2026-04-02T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71646
published_at	2026-04-04T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71619
published_at	2026-04-07T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71659
published_at	2026-04-08T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.7167
published_at	2026-04-09T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71694
published_at	2026-04-11T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71677
published_at	2026-04-12T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71658
published_at	2026-04-13T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71702
published_at	2026-04-16T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71708
published_at	2026-04-18T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.7169
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-39046

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2123394
reference_id	2123394
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2123394

reference_url	https://security.gentoo.org/glsa/202310-03
reference_id	GLSA-202310-03
reference_type
scores
url	https://security.gentoo.org/glsa/202310-03

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2022-39046

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k8c9-hx6q-mbfq

url VCID-kb2y-nbd3-mudm

vulnerability_id VCID-kb2y-nbd3-mudm

summary Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-0537

reference_id

reference_type

scores

value	0.07054
scoring_system	epss
scoring_elements	0.9152
published_at	2026-04-21T12:55:00Z

value	0.07054
scoring_system	epss
scoring_elements	0.91456
published_at	2026-04-01T12:55:00Z

value	0.07054
scoring_system	epss
scoring_elements	0.91462
published_at	2026-04-02T12:55:00Z

value	0.07054
scoring_system	epss
scoring_elements	0.91469
published_at	2026-04-04T12:55:00Z

value	0.07054
scoring_system	epss
scoring_elements	0.91477
published_at	2026-04-07T12:55:00Z

value	0.07054
scoring_system	epss
scoring_elements	0.9149
published_at	2026-04-08T12:55:00Z

value	0.07054
scoring_system	epss
scoring_elements	0.91496
published_at	2026-04-09T12:55:00Z

value	0.07054
scoring_system	epss
scoring_elements	0.91501
published_at	2026-04-13T12:55:00Z

value	0.07054
scoring_system	epss
scoring_elements	0.91503
published_at	2026-04-12T12:55:00Z

value	0.07054
scoring_system	epss
scoring_elements	0.91524
published_at	2026-04-16T12:55:00Z

value	0.07054
scoring_system	epss
scoring_elements	0.91519
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-0537

reference_url	http://securityreason.com/achievement_securityalert/60
reference_id
reference_type
scores
url	http://securityreason.com/achievement_securityalert/60

reference_url	https://www.exploit-db.com/exploits/8163
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/8163

reference_url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c
reference_id
reference_type
scores
url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c

reference_url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c.diff?r1=1.41%3Br2=1.42%3Bf=h
reference_id
reference_type
scores
url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fts.c.diff?r1=1.41%3Br2=1.42%3Bf=h

reference_url	http://www.securityfocus.com/archive/1/501505/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/501505/100/0/threaded

reference_url	http://www.securityfocus.com/bid/34008
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/34008

reference_url	http://www.securitytracker.com/id?1021818
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1021818

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:interix:6.0::10.0.6030.0:::::
reference_id	cpe:2.3:a:microsoft:interix:6.0::10.0.6030.0:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:interix:6.0::10.0.6030.0:::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd::::::::
reference_id	cpe:2.3:o:openbsd:openbsd::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.0:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.1:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.2:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.3:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.4:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.5:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.6:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.7:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.8:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:2.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.9:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.0:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.1:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.2:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.3:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.4:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.5:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.6:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.7:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.8:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:3.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.9:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:3.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.0:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.1:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.2:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.3:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2009-0537

reference_id

CVE-2009-0537

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2009-0537

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/8163.txt
reference_id	OSVDB-52463;CVE-2009-0537
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/8163.txt

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2009-0537

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kb2y-nbd3-mudm

url VCID-mneq-btk4-5be2

vulnerability_id VCID-mneq-btk4-5be2

summary Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2702.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2702.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-2702

reference_id

reference_type

scores

value	0.03354
scoring_system	epss
scoring_elements	0.87342
published_at	2026-04-21T12:55:00Z

value	0.03354
scoring_system	epss
scoring_elements	0.87333
published_at	2026-04-12T12:55:00Z

value	0.03354
scoring_system	epss
scoring_elements	0.87329
published_at	2026-04-13T12:55:00Z

value	0.03354
scoring_system	epss
scoring_elements	0.87344
published_at	2026-04-16T12:55:00Z

value	0.03354
scoring_system	epss
scoring_elements	0.87347
published_at	2026-04-18T12:55:00Z

value	0.03354
scoring_system	epss
scoring_elements	0.87301
published_at	2026-04-07T12:55:00Z

value	0.03354
scoring_system	epss
scoring_elements	0.8732
published_at	2026-04-08T12:55:00Z

value	0.03354
scoring_system	epss
scoring_elements	0.87327
published_at	2026-04-09T12:55:00Z

value	0.03354
scoring_system	epss
scoring_elements	0.87339
published_at	2026-04-11T12:55:00Z

value	0.04486
scoring_system	epss
scoring_elements	0.89068
published_at	2026-04-02T12:55:00Z

value	0.04486
scoring_system	epss
scoring_elements	0.89083
published_at	2026-04-04T12:55:00Z

value	0.04486
scoring_system	epss
scoring_elements	0.89059
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-2702

reference_url	https://bugzilla.novell.com/show_bug.cgi?id=706915
reference_id
reference_type
scores
url	https://bugzilla.novell.com/show_bug.cgi?id=706915

reference_url	http://seclists.org/oss-sec/2011/q3/123
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2011/q3/123

reference_url	http://seclists.org/oss-sec/2011/q3/153
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2011/q3/153

reference_url	https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e
reference_id
reference_type
scores
url	https://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=a0ac24d98ace90d1ccba6a2f3e7d55600f2fdb6e

reference_url	http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup&pathrev=10032
reference_id
reference_type
scores
url	http://www.eglibc.org/cgi-bin/viewvc.cgi/trunk/libc/ChangeLog?view=markup&pathrev=10032

reference_url	http://www.nodefense.org/eglibc.txt
reference_id
reference_type
scores
url	http://www.nodefense.org/eglibc.txt

reference_url	http://www.osvdb.org/80718
reference_id
reference_type
scores
url	http://www.osvdb.org/80718

reference_url	http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/
reference_id
reference_type
scores
url	http://xorl.wordpress.com/2011/08/06/cve-2011-2702-eglibc-and-glibc-signedness-issue/

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:eglibc::::::::
reference_id	cpe:2.3:a:gnu:eglibc::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:eglibc::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc::::::::
reference_id	cpe:2.3:a:gnu:glibc::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.12:::::::*
reference_id	cpe:2.3:a:gnu:glibc:2.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.12.1:::::::*
reference_id	cpe:2.3:a:gnu:glibc:2.12.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.12.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-2702

reference_id

CVE-2011-2702

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-2702

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/20167.txt
reference_id	CVE-2011-2702;OSVDB-80718
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/20167.txt

reference_url	https://usn.ubuntu.com/1396-1/
reference_id	USN-1396-1
reference_type
scores
url	https://usn.ubuntu.com/1396-1/

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2011-2702

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mneq-btk4-5be2

url VCID-mt2t-g9ge-pfgz

vulnerability_id VCID-mt2t-g9ge-pfgz

summary glibc: nscd client crash on x86_64 under high nscd load

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3904.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3904.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-3904

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.0188
published_at	2026-04-11T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02416
published_at	2026-04-21T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02594
published_at	2026-04-02T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02608
published_at	2026-04-04T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02611
published_at	2026-04-07T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02616
published_at	2026-04-08T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02635
published_at	2026-04-09T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02329
published_at	2026-04-12T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02327
published_at	2026-04-13T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02313
published_at	2026-04-16T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02319
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-3904

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033931
reference_id	1033931
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033931

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2446533
reference_id	2446533
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2446533

reference_url

https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0004;hb=HEAD

reference_id

GLIBC-SA-2026-0004;hb=HEAD

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:56:03Z/

url

https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0004;hb=HEAD

reference_url

https://sourceware.org/git/?p=glibc.git;a=commit;h=8804157ad9da39631703b92315460808eac86b0c

reference_id

?p=glibc.git;a=commit;h=8804157ad9da39631703b92315460808eac86b0c

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:56:03Z/

url

https://sourceware.org/git/?p=glibc.git;a=commit;h=8804157ad9da39631703b92315460808eac86b0c

reference_url

https://sourceware.org/git/?p=glibc.git;a=commit;h=b712be52645282c706a5faa038242504feb06db5

reference_id

?p=glibc.git;a=commit;h=b712be52645282c706a5faa038242504feb06db5

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:56:03Z/

url

https://sourceware.org/git/?p=glibc.git;a=commit;h=b712be52645282c706a5faa038242504feb06db5

reference_url	https://access.redhat.com/errata/RHSA-2026:7316
reference_id	RHSA-2026:7316
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7316

reference_url

https://sourceware.org/bugzilla/show_bug.cgi?id=29863

reference_id

show_bug.cgi?id=29863

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T15:56:03Z/

url

https://sourceware.org/bugzilla/show_bug.cgi?id=29863

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2026-3904

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mt2t-g9ge-pfgz

url VCID-mxa4-rpev-nkhw

vulnerability_id VCID-mxa4-rpev-nkhw

summary security flaw

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0403.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0403.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-0403

reference_id

reference_type

scores

value	0.0005
scoring_system	epss
scoring_elements	0.15377
published_at	2026-04-21T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15493
published_at	2026-04-01T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15534
published_at	2026-04-02T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15605
published_at	2026-04-04T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15407
published_at	2026-04-07T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15494
published_at	2026-04-08T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15544
published_at	2026-04-09T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15508
published_at	2026-04-11T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15471
published_at	2026-04-12T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15404
published_at	2026-04-13T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15325
published_at	2026-04-16T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.1533
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-0403

reference_url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=144059
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=144059

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9435
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9435

reference_url	http://www.redhat.com/support/errata/RHSA-2005-293.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2005-293.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617522
reference_id	1617522
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617522

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_servers:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_servers:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0::advanced_servers:::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0::enterprise_server:::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0::workstation:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:3.0::workstation:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:3.0::workstation:::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-0403

reference_id

CVE-2005-0403

reference_type

scores

value	7.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2005-0403

reference_url	https://access.redhat.com/errata/RHSA-2005:293
reference_id	RHSA-2005:293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:293

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2005-0403

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mxa4-rpev-nkhw

url VCID-nfe7-dpqx-skfd

vulnerability_id VCID-nfe7-dpqx-skfd

summary glibc: glibc in Fedora 41 ships a broken getrandom/arc4random for ppc64le platform

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12455.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12455.json

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2332111
reference_id	2332111
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2332111

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2024-12455

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nfe7-dpqx-skfd

url VCID-pnk4-ss5m-d3an

vulnerability_id VCID-pnk4-ss5m-d3an

summary glibc: calloc may return non-zero memory

references

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0176.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0176.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5229.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5229.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5229

reference_id

reference_type

scores

value	0.01
scoring_system	epss
scoring_elements	0.7702
published_at	2026-04-21T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.77025
published_at	2026-04-16T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.77027
published_at	2026-04-18T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.76921
published_at	2026-04-01T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.76928
published_at	2026-04-02T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.76957
published_at	2026-04-04T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.76939
published_at	2026-04-07T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.76971
published_at	2026-04-08T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.76983
published_at	2026-04-09T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.7701
published_at	2026-04-11T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.76989
published_at	2026-04-12T12:55:00Z

value	0.01
scoring_system	epss
scoring_elements	0.76984
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5229

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1246713
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1246713

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1293976
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1293976

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://kc.mcafee.com/corporate/index?page=content&id=SB10150
reference_id
reference_type
scores
url	https://kc.mcafee.com/corporate/index?page=content&id=SB10150

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/84172
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84172

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1256285
reference_id	1256285
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1256285

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-5229

reference_id

CVE-2015-5229

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-5229

reference_url	https://access.redhat.com/errata/RHSA-2016:0176
reference_id	RHSA-2016:0176
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0176

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2015-5229

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pnk4-ss5m-d3an

url VCID-pw6m-42j9-f7af

vulnerability_id VCID-pw6m-42j9-f7af

summary Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3998.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3998.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3998

reference_id

reference_type

scores

value	0.00198
scoring_system	epss
scoring_elements	0.41859
published_at	2026-04-02T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41805
published_at	2026-04-21T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41794
published_at	2026-04-01T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41888
published_at	2026-04-04T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41817
published_at	2026-04-07T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41866
published_at	2026-04-08T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41876
published_at	2026-04-18T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.419
published_at	2026-04-11T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41865
published_at	2026-04-12T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41853
published_at	2026-04-13T12:55:00Z

value	0.00198
scoring_system	epss
scoring_elements	0.41903
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3998

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2024633

reference_id

2024633

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:59:39Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2024633

reference_url

https://www.openwall.com/lists/oss-security/2022/01/24/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:59:39Z/

url

https://www.openwall.com/lists/oss-security/2022/01/24/4

reference_url

https://security.archlinux.org/AVG-1621

reference_id

AVG-1621

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1621

reference_url

https://access.redhat.com/security/cve/CVE-2021-3998

reference_id

CVE-2021-3998

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:59:39Z/

url

https://access.redhat.com/security/cve/CVE-2021-3998

reference_url

https://security-tracker.debian.org/tracker/CVE-2021-3998

reference_id

CVE-2021-3998

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:59:39Z/

url

https://security-tracker.debian.org/tracker/CVE-2021-3998

reference_url

https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03

reference_id

gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:59:39Z/

url

https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03

reference_url

https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb

reference_id

gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:59:39Z/

url

https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb

reference_url	https://security.gentoo.org/glsa/202208-24
reference_id	GLSA-202208-24
reference_type
scores
url	https://security.gentoo.org/glsa/202208-24

reference_url

https://security.netapp.com/advisory/ntap-20221020-0003/

reference_id

ntap-20221020-0003

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:59:39Z/

url

https://security.netapp.com/advisory/ntap-20221020-0003/

reference_url

https://sourceware.org/bugzilla/show_bug.cgi?id=28770

reference_id

show_bug.cgi?id=28770

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T14:59:39Z/

url

https://sourceware.org/bugzilla/show_bug.cgi?id=28770

reference_url	https://usn.ubuntu.com/5310-1/
reference_id	USN-5310-1
reference_type
scores
url	https://usn.ubuntu.com/5310-1/

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.33-4?distro=trixie
purl	pkg:deb/debian/glibc@2.33-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.33-4%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2021-3998

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pw6m-42j9-f7af

url VCID-pz43-weh8-cqgj

vulnerability_id VCID-pz43-weh8-cqgj

summary glibc: Vector register overwrite bug in glibc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5702.json

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5702.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5702

reference_id

reference_type

scores

value	0.00291
scoring_system	epss
scoring_elements	0.52452
published_at	2026-04-02T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.5254
published_at	2026-04-21T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52512
published_at	2026-04-13T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52551
published_at	2026-04-16T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52556
published_at	2026-04-18T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.5248
published_at	2026-04-04T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52447
published_at	2026-04-07T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52499
published_at	2026-04-08T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52493
published_at	2026-04-09T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52544
published_at	2026-04-11T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52528
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5702

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107365
reference_id	1107365
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107365

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2370472
reference_id	2370472
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2370472

reference_url	https://access.redhat.com/errata/RHSA-2025:11066
reference_id	RHSA-2025:11066
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11066

reference_url	https://access.redhat.com/errata/RHSA-2025:11487
reference_id	RHSA-2025:11487
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11487

reference_url	https://access.redhat.com/errata/RHSA-2025:9877
reference_id	RHSA-2025:9877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9877

reference_url

https://sourceware.org/bugzilla/show_bug.cgi?id=33056

reference_id

show_bug.cgi?id=33056

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T20:17:18Z/

url

https://sourceware.org/bugzilla/show_bug.cgi?id=33056

reference_url	https://usn.ubuntu.com/7634-1/
reference_id	USN-7634-1
reference_type
scores
url	https://usn.ubuntu.com/7634-1/

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.41-9?distro=trixie
purl	pkg:deb/debian/glibc@2.41-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-9%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2025-5702

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pz43-weh8-cqgj

url VCID-q3am-4g9r-rffg

vulnerability_id VCID-q3am-4g9r-rffg

summary glibc: incorrect printf output for integers with thousands separator and width field

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25139.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25139.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25139

reference_id

reference_type

scores

value	0.00153
scoring_system	epss
scoring_elements	0.35951
published_at	2026-04-21T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.35962
published_at	2026-04-07T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36011
published_at	2026-04-08T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36035
published_at	2026-04-09T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.3604
published_at	2026-04-11T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36002
published_at	2026-04-12T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.35977
published_at	2026-04-13T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36016
published_at	2026-04-16T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36001
published_at	2026-04-18T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36096
published_at	2026-04-02T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36126
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25139

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

http://www.openwall.com/lists/oss-security/2023/02/10/1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-26T14:48:30Z/

url

http://www.openwall.com/lists/oss-security/2023/02/10/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2167666
reference_id	2167666
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2167666

reference_url

https://security.archlinux.org/AVG-2833

reference_id

AVG-2833

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2833

reference_url

https://security.netapp.com/advisory/ntap-20230302-0010/

reference_id

ntap-20230302-0010

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-26T14:48:30Z/

url

https://security.netapp.com/advisory/ntap-20230302-0010/

reference_url

https://sourceware.org/bugzilla/show_bug.cgi?id=30068

reference_id

show_bug.cgi?id=30068

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-26T14:48:30Z/

url

https://sourceware.org/bugzilla/show_bug.cgi?id=30068

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2023-25139

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q3am-4g9r-rffg

url VCID-qeyh-2f6t-bbbb

vulnerability_id VCID-qeyh-2f6t-bbbb

summary Multiple vulnerabilities in glibc could result in Local Privilege Escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5156.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5156.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5156

reference_id

reference_type

scores

value	0.00055
scoring_system	epss
scoring_elements	0.1714
published_at	2026-04-21T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18304
published_at	2026-04-02T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18144
published_at	2026-04-08T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18199
published_at	2026-04-09T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18204
published_at	2026-04-11T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18157
published_at	2026-04-12T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18106
published_at	2026-04-13T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18049
published_at	2026-04-16T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18062
published_at	2026-04-18T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18359
published_at	2026-04-04T12:55:00Z

value	0.00058
scoring_system	epss
scoring_elements	0.18061
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5156

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053002
reference_id	1053002
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053002

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2240541

reference_id

2240541

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:03:45Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2240541

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2023-5156

reference_id

CVE-2023-5156

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:03:45Z/

url

https://access.redhat.com/security/cve/CVE-2023-5156

reference_url	https://security.gentoo.org/glsa/202402-01
reference_id	GLSA-202402-01
reference_type
scores
url	https://security.gentoo.org/glsa/202402-01

reference_url

https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796

reference_id

?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:03:45Z/

url

https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796

reference_url

https://sourceware.org/bugzilla/show_bug.cgi?id=30884

reference_id

show_bug.cgi?id=30884

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-15T20:03:45Z/

url

https://sourceware.org/bugzilla/show_bug.cgi?id=30884

reference_url	https://usn.ubuntu.com/6541-1/
reference_id	USN-6541-1
reference_type
scores
url	https://usn.ubuntu.com/6541-1/

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.37-11?distro=trixie
purl	pkg:deb/debian/glibc@2.37-11?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2023-5156

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qeyh-2f6t-bbbb

url VCID-sphp-4b55-9fer

vulnerability_id VCID-sphp-4b55-9fer

summary glibc: Vector register overwrite bug in glibc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5745.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5745.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5745

reference_id

reference_type

scores

value	0.00255
scoring_system	epss
scoring_elements	0.48792
published_at	2026-04-02T12:55:00Z

value	0.00255
scoring_system	epss
scoring_elements	0.48828
published_at	2026-04-21T12:55:00Z

value	0.00255
scoring_system	epss
scoring_elements	0.48815
published_at	2026-04-12T12:55:00Z

value	0.00255
scoring_system	epss
scoring_elements	0.48872
published_at	2026-04-16T12:55:00Z

value	0.00255
scoring_system	epss
scoring_elements	0.48869
published_at	2026-04-18T12:55:00Z

value	0.00255
scoring_system	epss
scoring_elements	0.48817
published_at	2026-04-04T12:55:00Z

value	0.00255
scoring_system	epss
scoring_elements	0.48771
published_at	2026-04-07T12:55:00Z

value	0.00255
scoring_system	epss
scoring_elements	0.48826
published_at	2026-04-08T12:55:00Z

value	0.00255
scoring_system	epss
scoring_elements	0.48823
published_at	2026-04-13T12:55:00Z

value	0.00255
scoring_system	epss
scoring_elements	0.4884
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5745

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107366
reference_id	1107366
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107366

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2370488
reference_id	2370488
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2370488

reference_url

https://sourceware.org/bugzilla/show_bug.cgi?id=33060

reference_id

show_bug.cgi?id=33060

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T20:11:39Z/

url

https://sourceware.org/bugzilla/show_bug.cgi?id=33060

reference_url	https://usn.ubuntu.com/7634-1/
reference_id	USN-7634-1
reference_type
scores
url	https://usn.ubuntu.com/7634-1/

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.41-9?distro=trixie
purl	pkg:deb/debian/glibc@2.41-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-9%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2025-5745

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sphp-4b55-9fer

url VCID-tgp7-xmws-kued

vulnerability_id VCID-tgp7-xmws-kued

summary Multiple vulnerabilities in glibc could result in Local Privilege Escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6779.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6779.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6779

reference_id

reference_type

scores

value	0.00654
scoring_system	epss
scoring_elements	0.70944
published_at	2026-04-21T12:55:00Z

value	0.00654
scoring_system	epss
scoring_elements	0.70943
published_at	2026-04-11T12:55:00Z

value	0.00654
scoring_system	epss
scoring_elements	0.70927
published_at	2026-04-12T12:55:00Z

value	0.00654
scoring_system	epss
scoring_elements	0.70911
published_at	2026-04-13T12:55:00Z

value	0.00654
scoring_system	epss
scoring_elements	0.70958
published_at	2026-04-16T12:55:00Z

value	0.00654
scoring_system	epss
scoring_elements	0.70965
published_at	2026-04-18T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72203
published_at	2026-04-04T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72183
published_at	2026-04-02T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72227
published_at	2026-04-09T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72215
published_at	2026-04-08T12:55:00Z

value	0.0071
scoring_system	epss
scoring_elements	0.72178
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6779

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2254395

reference_id

2254395

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:08:30Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2254395

reference_url

http://seclists.org/fulldisclosure/2024/Feb/3

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:08:30Z/

url

http://seclists.org/fulldisclosure/2024/Feb/3

reference_url

https://www.openwall.com/lists/oss-security/2024/01/30/6

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:08:30Z/

url

https://www.openwall.com/lists/oss-security/2024/01/30/6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2023-6779

reference_id

CVE-2023-6779

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:08:30Z/

url

https://access.redhat.com/security/cve/CVE-2023-6779

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/

reference_id

D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:08:30Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/

reference_url

http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html

reference_id

glibc-syslog-Heap-Based-Buffer-Overflow.html

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:08:30Z/

url

http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html

reference_url

https://security.gentoo.org/glsa/202402-01

reference_id

GLSA-202402-01

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:08:30Z/

url

https://security.gentoo.org/glsa/202402-01

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/

reference_id

MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:08:30Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/

reference_url

https://security.netapp.com/advisory/ntap-20240223-0006/

reference_id

ntap-20240223-0006

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:08:30Z/

url

https://security.netapp.com/advisory/ntap-20240223-0006/

reference_url

https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt

reference_id

syslog.txt

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T16:08:30Z/

url

https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt

reference_url	https://usn.ubuntu.com/6620-1/
reference_id	USN-6620-1
reference_type
scores
url	https://usn.ubuntu.com/6620-1/

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u4%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.37-15?distro=trixie
purl	pkg:deb/debian/glibc@2.37-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-15%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2023-6779

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tgp7-xmws-kued

url VCID-w16u-mjyw-pben

vulnerability_id VCID-w16u-mjyw-pben

summary Multiple vulnerabilities in glibc could result in Local Privilege Escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4527.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4527.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4527

reference_id

reference_type

scores

value	0.00105
scoring_system	epss
scoring_elements	0.28655
published_at	2026-04-09T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28657
published_at	2026-04-11T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28565
published_at	2026-04-13T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28613
published_at	2026-04-12T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28694
published_at	2026-04-02T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28561
published_at	2026-04-18T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28585
published_at	2026-04-16T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28743
published_at	2026-04-04T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.2855
published_at	2026-04-07T12:55:00Z

value	0.00105
scoring_system	epss
scoring_elements	0.28615
published_at	2026-04-08T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.29006
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4527

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051958
reference_id	1051958
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051958

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2234712

reference_id

2234712

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2234712

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id	cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2023-4527

reference_id

CVE-2023-4527

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/

url

https://access.redhat.com/security/cve/CVE-2023-4527

reference_url	https://security.gentoo.org/glsa/202310-03
reference_id	GLSA-202310-03
reference_type
scores
url	https://security.gentoo.org/glsa/202310-03

reference_url

https://access.redhat.com/errata/RHSA-2023:5453

reference_id

RHSA-2023:5453

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/

url

https://access.redhat.com/errata/RHSA-2023:5453

reference_url

https://access.redhat.com/errata/RHSA-2023:5455

reference_id

RHSA-2023:5455

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/

url

https://access.redhat.com/errata/RHSA-2023:5455

reference_url	https://usn.ubuntu.com/6409-1/
reference_id	USN-6409-1
reference_type
scores
url	https://usn.ubuntu.com/6409-1/

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u3?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.37-9?distro=trixie
purl	pkg:deb/debian/glibc@2.37-9?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-9%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2023-4527

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w16u-mjyw-pben

url VCID-z55w-t8kd-hqep

vulnerability_id VCID-z55w-t8kd-hqep

summary glibc: Integer overflow with enabled tcache

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17426.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17426.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17426

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.57899
published_at	2026-04-01T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58016
published_at	2026-04-21T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.5804
published_at	2026-04-16T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58039
published_at	2026-04-18T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57983
published_at	2026-04-02T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58002
published_at	2026-04-04T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57978
published_at	2026-04-07T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58033
published_at	2026-04-08T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58035
published_at	2026-04-09T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58052
published_at	2026-04-11T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58031
published_at	2026-04-12T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.5801
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17426

reference_url	https://sourceware.org/bugzilla/show_bug.cgi?id=22375
reference_id
reference_type
scores
url	https://sourceware.org/bugzilla/show_bug.cgi?id=22375

reference_url	https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=34697694e8a93b325b18f25f7dcded55d6baeaf6
reference_id
reference_type
scores
url	https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=34697694e8a93b325b18f25f7dcded55d6baeaf6

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1524530
reference_id	1524530
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1524530

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.26:::::::*
reference_id	cpe:2.3:a:gnu:glibc:2.26:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.26:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17426

reference_id

CVE-2017-17426

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17426

reference_url	https://usn.ubuntu.com/3534-1/
reference_id	USN-3534-1
reference_type
scores
url	https://usn.ubuntu.com/3534-1/

fixed_packages

url	pkg:deb/debian/glibc@0?distro=trixie
purl	pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-9nqp-tfvr-ayen

vulnerability	VCID-jswq-6ru6-wybc

vulnerability	VCID-kukb-s61t-pbc3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-ssnc-wdcf-sfc9

vulnerability	VCID-tcpv-4crc-zuap

vulnerability	VCID-us68-psx5-zude

vulnerability	VCID-zn6t-3mvb-wufm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-13?distro=trixie

purl pkg:deb/debian/glibc@2.42-13?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3e43-r92j-hkd3

vulnerability	VCID-nwfb-xnks-1kg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-13%3Fdistro=trixie

url pkg:deb/debian/glibc@2.42-14?distro=trixie

purl pkg:deb/debian/glibc@2.42-14?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-us68-psx5-zude

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-15?distro=trixie
purl	pkg:deb/debian/glibc@2.42-15?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15%3Fdistro=trixie

aliases CVE-2017-17426

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z55w-t8kd-hqep

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie

Package Instance