Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/923694?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/923694?format=api", "purl": "pkg:deb/debian/gnupg2@0?distro=trixie", "type": "deb", "namespace": "debian", "name": "gnupg2", "version": "0", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.9.15-1", "latest_non_vulnerable_version": "2.4.8-5", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58550?format=api", "vulnerability_id": "VCID-4fcw-qdwc-4ycd", "summary": "security update", "references": [ { "reference_url": "http://advisories.mageia.org/MGASA-2014-0498.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://advisories.mageia.org/MGASA-2014-0498.html" }, { "reference_url": "http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9087.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9087.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9087", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91425", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91342", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91348", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91359", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91366", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91378", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91385", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91392", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91394", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91393", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91419", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91415", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06903", "scoring_system": "epss", "scoring_elements": "0.91416", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9087" }, { "reference_url": "https://blog.fuzzing-project.org/2-Buffer-overflow-and-other-minor-issues-in-GnuPG-and-libksba-TFPA-0012014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.fuzzing-project.org/2-Buffer-overflow-and-other-minor-issues-in-GnuPG-and-libksba-TFPA-0012014.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9087", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9087" }, { "reference_url": "http://secunia.com/advisories/60073", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60073" }, { "reference_url": "http://secunia.com/advisories/60189", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60189" }, { "reference_url": "http://secunia.com/advisories/60233", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60233" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3078", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3078" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:234", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:234" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:151", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:151" }, { "reference_url": "http://www.securityfocus.com/bid/71285", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71285" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2427-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2427-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168051", "reference_id": "1168051", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168051" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770972", "reference_id": "770972", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770972" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:gnupg:2.1.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnupg:gnupg:2.1.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:gnupg:2.1.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:gnupg:2.1.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnupg:gnupg:2.1.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:gnupg:2.1.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libksba:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:gnupg:libksba:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libksba:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9087", "reference_id": "CVE-2014-9087", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9087" }, { "reference_url": "https://usn.ubuntu.com/2427-1/", "reference_id": "USN-2427-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2427-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923694?format=api", "purl": "pkg:deb/debian/gnupg2@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923691?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.27-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923689?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.40-1.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923693?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.7-21%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.7-21%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923692?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.9-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.9-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-9087" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4fcw-qdwc-4ycd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36362?format=api", "vulnerability_id": "VCID-5tpu-zawb-f3as", "summary": "Due to a design flaw, the output of GnuPG's Random Number Generator\n (RNG) is predictable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6313.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6313.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6313", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86905", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86915", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86934", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86927", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86948", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86955", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86969", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86964", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86958", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86973", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86977", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86975", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03177", "scoring_system": "epss", "scoring_elements": "0.86994", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6313" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1366105", "reference_id": "1366105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1366105" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834894", "reference_id": "834894", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834894" }, { "reference_url": "https://security.gentoo.org/glsa/201610-04", "reference_id": "GLSA-201610-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-04" }, { "reference_url": "https://security.gentoo.org/glsa/201612-01", "reference_id": "GLSA-201612-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2674", "reference_id": "RHSA-2016:2674", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2674" }, { "reference_url": "https://usn.ubuntu.com/3064-1/", "reference_id": "USN-3064-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3064-1/" }, { "reference_url": "https://usn.ubuntu.com/3065-1/", "reference_id": "USN-3065-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3065-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923694?format=api", "purl": "pkg:deb/debian/gnupg2@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923691?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.27-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923689?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.40-1.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923693?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.7-21%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.7-21%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923692?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.9-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.9-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-6313" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5tpu-zawb-f3as" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64838?format=api", "vulnerability_id": "VCID-79fy-gfr6-zkgq", "summary": "GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24882.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24882.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24882", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00411", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00412", "published_at": "2026-04-02T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00624", "published_at": "2026-04-24T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00589", "published_at": "2026-04-11T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00584", "published_at": "2026-04-12T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00586", "published_at": "2026-04-18T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00581", "published_at": "2026-04-16T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00627", "published_at": "2026-04-21T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00597", "published_at": "2026-04-07T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00595", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24882" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126631", "reference_id": "1126631", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126631" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433464", "reference_id": "2433464", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433464" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2026/01/27/8", "reference_id": "8", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-27T20:07:25Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2026/01/27/8" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2719", "reference_id": "RHSA-2026:2719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2753", "reference_id": "RHSA-2026:2753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2753" }, { "reference_url": "https://dev.gnupg.org/T8045", "reference_id": "T8045", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-27T20:07:25Z/" } ], "url": "https://dev.gnupg.org/T8045" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923694?format=api", "purl": "pkg:deb/debian/gnupg2@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923691?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.27-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923689?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.40-1.1%252Bdeb12u2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-24882" ], "risk_score": 3.8, "exploitability": "0.5", "weighted_severity": "7.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-79fy-gfr6-zkgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80930?format=api", "vulnerability_id": "VCID-bfu8-pr4x-guek", "summary": "gnupg: AEAD preference list overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25125.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25125.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25125", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62085", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62145", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62177", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62195", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62212", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.6223", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62219", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62198", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62243", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.6225", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62234", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62244", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25125" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875675", "reference_id": "1875675", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875675" }, { "reference_url": "https://security.archlinux.org/ASA-202009-5", "reference_id": "ASA-202009-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202009-5" }, { "reference_url": "https://security.archlinux.org/AVG-1218", "reference_id": "AVG-1218", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1218" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923694?format=api", "purl": "pkg:deb/debian/gnupg2@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923691?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.27-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923689?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.40-1.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923693?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.7-21%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.7-21%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923692?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.9-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.9-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25125" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bfu8-pr4x-guek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62206?format=api", "vulnerability_id": "VCID-bwr1-kgn5-27f7", "summary": "GnuPG may erroneously report a modified or unsigned message has a valid\n digital signature.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0049.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0049.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-0049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.8905", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.89058", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.89073", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.89075", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.89093", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.89098", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.89109", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.89106", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.89104", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.89118", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04481", "scoring_system": "epss", "scoring_elements": "0.89114", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05236", "scoring_system": "epss", "scoring_elements": "0.89996", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-0049" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617870", "reference_id": "1617870", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617870" }, { "reference_url": "https://security.gentoo.org/glsa/200603-08", "reference_id": "GLSA-200603-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200603-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0266", "reference_id": "RHSA-2006:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0266" }, { "reference_url": "https://usn.ubuntu.com/264-1/", "reference_id": "USN-264-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/264-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923694?format=api", "purl": "pkg:deb/debian/gnupg2@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923691?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.27-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923689?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.40-1.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923693?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.7-21%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.7-21%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923692?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.9-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.9-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-0049" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bwr1-kgn5-27f7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57173?format=api", "vulnerability_id": "VCID-j4gx-2342-mkdv", "summary": "Applications relying on GnuPG to authenticate digital signatures may\n incorrectly believe a signature has been verified.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0455.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0455.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-0455", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83113", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.8313", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83144", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83142", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83167", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83174", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.8319", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83184", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.8318", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83217", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83218", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01889", "scoring_system": "epss", "scoring_elements": "0.83221", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01913", "scoring_system": "epss", "scoring_elements": "0.83361", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-0455" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618000", "reference_id": "1618000", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618000" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/27231.txt", "reference_id": "CVE-2006-0455;OSVDB-23221", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/27231.txt" }, { "reference_url": "https://www.securityfocus.com/bid/16663/info", "reference_id": "CVE-2006-0455;OSVDB-23221", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/16663/info" }, { "reference_url": "https://security.gentoo.org/glsa/200602-10", "reference_id": "GLSA-200602-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200602-10" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0266", "reference_id": "RHSA-2006:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0266" }, { "reference_url": "https://usn.ubuntu.com/252-1/", "reference_id": "USN-252-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/252-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923694?format=api", "purl": "pkg:deb/debian/gnupg2@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923691?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.27-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923689?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.40-1.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923693?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.7-21%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.7-21%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923692?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.9-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.9-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-0455" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j4gx-2342-mkdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64839?format=api", "vulnerability_id": "VCID-k6h1-5v39-jfeb", "summary": "GnuPG: GnuPG: Remote code execution and denial of service via crafted CMS EnvelopedData message", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24881.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24881.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24881", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41576", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42552", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42661", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42645", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42704", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42691", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42628", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42663", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42674", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42697", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24881" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433480", "reference_id": "2433480", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433480" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2026/01/27/8", "reference_id": "8", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-27T20:08:45Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2026/01/27/8" }, { "reference_url": "https://dev.gnupg.org/T8044", "reference_id": "T8044", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-27T20:08:45Z/" } ], "url": "https://dev.gnupg.org/T8044" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923694?format=api", "purl": "pkg:deb/debian/gnupg2@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923691?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.27-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923689?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.40-1.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923693?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.7-21%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.7-21%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923692?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.9-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.9-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-24881" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k6h1-5v39-jfeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64837?format=api", "vulnerability_id": "VCID-sbp2-xwuf-wbgc", "summary": "GnuPG: GnuPG: Denial of service due to specially crafted signature packet", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24883.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24883.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24883", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01932", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01917", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02883", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02783", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02779", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02764", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02776", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02887", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02809", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02812", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02833", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02803", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24883" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433463", "reference_id": "2433463", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433463" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2026/01/27/8", "reference_id": "8", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T20:02:25Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2026/01/27/8" }, { "reference_url": "https://dev.gnupg.org/T8049", "reference_id": "T8049", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T20:02:25Z/" } ], "url": "https://dev.gnupg.org/T8049" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923694?format=api", "purl": "pkg:deb/debian/gnupg2@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923691?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.27-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923689?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.40-1.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923693?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.7-21%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.7-21%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923692?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.9-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.9-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-24883" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sbp2-xwuf-wbgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72570?format=api", "vulnerability_id": "VCID-xcyv-byj5-8fb3", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7526.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7526.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7526", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85461", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85491", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85495", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85515", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85524", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85538", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85537", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85533", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85556", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02567", "scoring_system": "epss", "scoring_elements": "0.85562", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02636", "scoring_system": "epss", "scoring_elements": "0.85721", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02636", "scoring_system": "epss", "scoring_elements": "0.85744", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:P/I:N/A:N" }, { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html", "reference_id": "000408.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html" }, { "reference_url": "http://www.securitytracker.com/id/1038915", "reference_id": "1038915", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "http://www.securitytracker.com/id/1038915" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466265", "reference_id": "1466265", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466265" }, { "reference_url": "https://eprint.iacr.org/2017/627", "reference_id": "627", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "https://eprint.iacr.org/2017/627" }, { "reference_url": "http://www.securityfocus.com/bid/99338", "reference_id": "99338", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "http://www.securityfocus.com/bid/99338" }, { "reference_url": "https://security.archlinux.org/ASA-201707-1", "reference_id": "ASA-201707-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201707-1" }, { "reference_url": "https://security.archlinux.org/AVG-338", "reference_id": "AVG-338", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-338" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3901", "reference_id": "dsa-3901", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "https://www.debian.org/security/2017/dsa-3901" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3960", "reference_id": "dsa-3960", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "https://www.debian.org/security/2017/dsa-3960" }, { "reference_url": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=78130828e9a140a9de4dafadbc844dbb64cb709a", "reference_id": "gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=78130828e9a140a9de4dafadbc844dbb64cb709a", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=78130828e9a140a9de4dafadbc844dbb64cb709a" }, { "reference_url": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=8725c99ffa41778f382ca97233183bcd687bb0ce", "reference_id": "gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=8725c99ffa41778f382ca97233183bcd687bb0ce", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=8725c99ffa41778f382ca97233183bcd687bb0ce" }, { "reference_url": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=e6a3dc9900433bbc8ad362a595a3837318c28fa9", "reference_id": "gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=e6a3dc9900433bbc8ad362a595a3837318c28fa9", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=e6a3dc9900433bbc8ad362a595a3837318c28fa9" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7526", "reference_id": "show_bug.cgi?id=CVE-2017-7526", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7526" }, { "reference_url": "https://usn.ubuntu.com/3347-1/", "reference_id": "USN-3347-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3347-1/" }, { "reference_url": "https://usn.ubuntu.com/3347-2/", "reference_id": "USN-3347-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3347-2/" }, { "reference_url": "https://usn.ubuntu.com/3733-1/", "reference_id": "USN-3733-1", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "https://usn.ubuntu.com/3733-1/" }, { "reference_url": "https://usn.ubuntu.com/3733-2/", "reference_id": "USN-3733-2", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/" } ], "url": "https://usn.ubuntu.com/3733-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923694?format=api", "purl": "pkg:deb/debian/gnupg2@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923691?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.27-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.27-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923689?format=api", "purl": "pkg:deb/debian/gnupg2@2.2.40-1.1%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-zx65-nc6s-8yf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.2.40-1.1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923693?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.7-21%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.7-21%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/923692?format=api", "purl": "pkg:deb/debian/gnupg2@2.4.9-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-79fy-gfr6-zkgq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@2.4.9-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7526" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xcyv-byj5-8fb3" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnupg2@0%3Fdistro=trixie" }