Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/931945?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "type": "deb", "namespace": "debian", "name": "nginx", "version": "1.18.0-6.1+deb11u3", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.18.0-6.1+deb11u4", "latest_non_vulnerable_version": "1.28.3-2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7?format=api", "vulnerability_id": "VCID-2cu7-pyw5-t3dm", "summary": "Injection in auth_http and XCLIENT", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28753.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06342", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06426", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06409", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06451", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06443", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06436", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06375", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06361", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28753" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://my.f5.com/manage/s/article/K000160367", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:24:28Z/" } ], "url": "https://my.f5.com/manage/s/article/K000160367" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450780", "reference_id": "2450780", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450780" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28753", "reference_id": "CVE-2026-28753", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28753" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931989?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28753" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2cu7-pyw5-t3dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35?format=api", "vulnerability_id": "VCID-3czf-dtzg-8kdm", "summary": "NULL pointer dereference while using CRAM-MD5 or APOP", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27651.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27651.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27651", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12662", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12533", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12594", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12645", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12613", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12573", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12704", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12516", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27651" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27651", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27651" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://my.f5.com/manage/s/article/K000160383", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:02:03Z/" } ], "url": "https://my.f5.com/manage/s/article/K000160383" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791", "reference_id": "2450791", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450791" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651", "reference_id": "CVE-2026-27651", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27651" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6906", "reference_id": "RHSA-2026:6906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6907", "reference_id": "RHSA-2026:6907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6923", "reference_id": "RHSA-2026:6923", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6923" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7002", "reference_id": "RHSA-2026:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7343", "reference_id": "RHSA-2026:7343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7343" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931989?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-27651" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3czf-dtzg-8kdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4443?format=api", "vulnerability_id": "VCID-5781-s1ny-q7ey", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json" }, { "reference_url": "https://akka.io/security/akka-http-cve-2023-44487.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://akka.io/security/akka-http-cve-2023-44487.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94385", "scoring_system": "epss", "scoring_elements": "0.99971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.94385", "scoring_system": "epss", "scoring_elements": "0.9997", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-44487" }, { "reference_url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size" }, { "reference_url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/" }, { "reference_url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011" }, { "reference_url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/" }, { "reference_url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack" }, { "reference_url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/" }, { "reference_url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack" }, { "reference_url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/" }, { "reference_url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty" }, { "reference_url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/" }, { "reference_url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123" }, { "reference_url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9" }, { "reference_url": "https://chaos.social/@icing/111210915918780532", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://chaos.social/@icing/111210915918780532" }, { "reference_url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps" }, { "reference_url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/" }, { "reference_url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack" }, { "reference_url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752" }, { "reference_url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715" }, { "reference_url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve" }, { "reference_url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088" }, { "reference_url": "https://github.com/akka/akka-http/issues/4323", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/akka/akka-http/issues/4323" }, { "reference_url": "https://github.com/akka/akka-http/pull/4324", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/akka/akka-http/pull/4324" }, { "reference_url": "https://github.com/akka/akka-http/pull/4325", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/akka/akka-http/pull/4325" }, { "reference_url": "https://github.com/alibaba/tengine/issues/1872", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/alibaba/tengine/issues/1872" }, { "reference_url": "https://github.com/apache/apisix/issues/10320", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/apache/apisix/issues/10320" }, { "reference_url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113" }, { "reference_url": "https://github.com/apache/httpd-site/pull/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/apache/httpd-site/pull/10" }, { "reference_url": "https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a" }, { "reference_url": "https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49" }, { "reference_url": "https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628" }, { "reference_url": "https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e" }, { "reference_url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2" }, { "reference_url": "https://github.com/apache/trafficserver/pull/10564", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/apache/trafficserver/pull/10564" }, { "reference_url": "https://github.com/apple/swift-nio-http2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apple/swift-nio-http2" }, { "reference_url": "https://github.com/Azure/AKS/issues/3947", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/Azure/AKS/issues/3947" }, { "reference_url": "https://github.com/caddyserver/caddy/issues/5877", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/caddyserver/caddy/issues/5877" }, { "reference_url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5" }, { "reference_url": "https://github.com/dotnet/announcements/issues/277", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/dotnet/announcements/issues/277" }, { "reference_url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73" }, { "reference_url": "https://github.com/eclipse/jetty.project/issues/10679", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/eclipse/jetty.project/issues/10679" }, { "reference_url": "https://github.com/envoyproxy/envoy/pull/30055", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/envoyproxy/envoy/pull/30055" }, { "reference_url": "https://github.com/etcd-io/etcd/issues/16740", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/etcd-io/etcd/issues/16740" }, { "reference_url": "https://github.com/facebook/proxygen/pull/466", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/facebook/proxygen/pull/466" }, { "reference_url": "https://github.com/golang/go/issues/63417", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/golang/go/issues/63417" }, { "reference_url": "https://github.com/grpc/grpc-go/pull/6703", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/grpc/grpc-go/pull/6703" }, { "reference_url": "https://github.com/grpc/grpc-go/releases", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/grpc/grpc-go/releases" }, { "reference_url": "https://github.com/grpc/grpc/releases/tag/v1.59.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/grpc/grpc/releases/tag/v1.59.2" }, { "reference_url": "https://github.com/h2o/h2o/pull/3291", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/h2o/h2o/pull/3291" }, { "reference_url": "https://github.com/haproxy/haproxy/issues/2312", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/haproxy/haproxy/issues/2312" }, { "reference_url": "https://github.com/hyperium/hyper/issues/3337", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/hyperium/hyper/issues/3337" }, { "reference_url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244" }, { "reference_url": "https://github.com/junkurihara/rust-rpxy/issues/97", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/junkurihara/rust-rpxy/issues/97" }, { "reference_url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1" }, { "reference_url": "https://github.com/kazu-yamamoto/http2/issues/93", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/kazu-yamamoto/http2/issues/93" }, { "reference_url": "https://github.com/Kong/kong/discussions/11741", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/Kong/kong/discussions/11741" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/121120", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/kubernetes/kubernetes/pull/121120" }, { "reference_url": "https://github.com/line/armeria/pull/5232", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/line/armeria/pull/5232" }, { "reference_url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632" }, { "reference_url": "https://github.com/micrictor/http2-rst-stream", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/micrictor/http2-rst-stream" }, { "reference_url": "https://github.com/microsoft/CBL-Mariner/pull/6381", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/microsoft/CBL-Mariner/pull/6381" }, { "reference_url": "https://github.com/netty/netty", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty" }, { "reference_url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61" }, { "reference_url": "https://github.com/nghttp2/nghttp2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nghttp2/nghttp2" }, { "reference_url": "https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832" }, { "reference_url": "https://github.com/nghttp2/nghttp2/pull/1961", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/nghttp2/nghttp2/pull/1961" }, { "reference_url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0" }, { "reference_url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg" }, { "reference_url": "https://github.com/ninenines/cowboy/issues/1615", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/ninenines/cowboy/issues/1615" }, { "reference_url": "https://github.com/nodejs/node/pull/50121", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/nodejs/node/pull/50121" }, { "reference_url": "https://github.com/openresty/openresty/issues/930", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/openresty/openresty/issues/930" }, { "reference_url": "https://github.com/opensearch-project/data-prepper/issues/3474", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/opensearch-project/data-prepper/issues/3474" }, { "reference_url": "https://github.com/oqtane/oqtane.framework/discussions/3367", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/oqtane/oqtane.framework/discussions/3367" }, { "reference_url": "https://github.com/projectcontour/contour/pull/5826", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/projectcontour/contour/pull/5826" }, { "reference_url": "https://github.com/tempesta-tech/tempesta/issues/1986", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/tempesta-tech/tempesta/issues/1986" }, { "reference_url": "https://github.com/varnishcache/varnish-cache/issues/3996", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/varnishcache/varnish-cache/issues/3996" }, { "reference_url": "https://go.dev/cl/534215", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/534215" }, { "reference_url": "https://go.dev/cl/534235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/534235" }, { "reference_url": "https://go.dev/issue/63417", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/issue/63417" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ" }, { "reference_url": "https://istio.io/latest/news/security/istio-security-2023-004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://istio.io/latest/news/security/istio-security-2023-004" }, { "reference_url": "https://istio.io/latest/news/security/istio-security-2023-004/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://istio.io/latest/news/security/istio-security-2023-004/" }, { "reference_url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487" }, { "reference_url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/" }, { "reference_url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4" }, { "reference_url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html" }, { "reference_url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html" }, { "reference_url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2" }, { "reference_url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/" }, { "reference_url": "https://my.f5.com/manage/s/article/K000137106", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://my.f5.com/manage/s/article/K000137106" }, { "reference_url": "https://netty.io/news/2023/10/10/4-1-100-Final.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html" }, { "reference_url": "https://news.ycombinator.com/item?id=37830987", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://news.ycombinator.com/item?id=37830987" }, { "reference_url": "https://news.ycombinator.com/item?id=37830998", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://news.ycombinator.com/item?id=37830998" }, { "reference_url": "https://news.ycombinator.com/item?id=37831062", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://news.ycombinator.com/item?id=37831062" }, { "reference_url": "https://news.ycombinator.com/item?id=37837043", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://news.ycombinator.com/item?id=37837043" }, { "reference_url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response" }, { "reference_url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/" }, { "reference_url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected" }, { "reference_url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ" }, { "reference_url": "https://security.gentoo.org/glsa/202311-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231016-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20231016-0001" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231016-0001/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231016-0001/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0007" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0007" }, { "reference_url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14" }, { "reference_url": "https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12" }, { "reference_url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94" }, { "reference_url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81" }, { "reference_url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records" }, { "reference_url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487" }, { "reference_url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487" }, { "reference_url": "https://www.cve.org/CVERecord?id=CVE-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487" }, { "reference_url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5521", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5521" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5522", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5522" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5540", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5540" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5549", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5549" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5558", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5558" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5570", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5570" }, { "reference_url": "https://www.eclipse.org/lists/jetty-announce/msg00181.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.eclipse.org/lists/jetty-announce/msg00181.html" }, { "reference_url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487" }, { "reference_url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487" }, { "reference_url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/" }, { "reference_url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products" }, { "reference_url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/10/10/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6" }, { "reference_url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack" }, { "reference_url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday" }, { "reference_url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/" }, { "reference_url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/10/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/10/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/10/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/10/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/13/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/13/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/18/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/18/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/19/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/20/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769", "reference_id": "1053769", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770", "reference_id": "1053770", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801", "reference_id": "1053801", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232", "reference_id": "1054232", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234", "reference_id": "1054234", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156", "reference_id": "1056156", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421", "reference_id": "1074421", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", "reference_id": "2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", "reference_id": "3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", "reference_id": "BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", "reference_id": "CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://access.redhat.com/security/cve/cve-2023-44487" }, { "reference_url": "https://blog.vespa.ai/cve-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.vespa.ai/cve-2023-44487" }, { "reference_url": "https://blog.vespa.ai/cve-2023-44487/", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://blog.vespa.ai/cve-2023-44487/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487" }, { "reference_url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487" }, { "reference_url": "https://github.com/bcdannyboy/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/bcdannyboy/CVE-2023-44487" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py", "reference_id": "CVE-2023-44487", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py" }, { "reference_url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487" }, { "reference_url": "https://security.paloaltonetworks.com/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://security.paloaltonetworks.com/CVE-2023-44487" }, { "reference_url": "https://ubuntu.com/security/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://ubuntu.com/security/CVE-2023-44487" }, { "reference_url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", "reference_id": "CVE-2023-44487-HTTP-2-RAPID-RESET-ATTACK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", "reference_id": "E72T67UPDRXHIDLO3OROR25YAMN4GGW5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", "reference_id": "FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/" }, { "reference_url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", "reference_id": "GHSA-2m7v-gc89-fjqf", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf" }, { "reference_url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", "reference_id": "GHSA-qppj-fm5r-hxr3", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3" }, { "reference_url": "https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3", "reference_id": "GHSA-qppj-fm5r-hxr3", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3" }, { "reference_url": "https://github.com/advisories/GHSA-vx74-f528-fxqg", "reference_id": "GHSA-vx74-f528-fxqg", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg" }, { "reference_url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", "reference_id": "GHSA-xpw8-rcwv-8f8p", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p" }, { "reference_url": "https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p", "reference_id": "GHSA-xpw8-rcwv-8f8p", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p" }, { "reference_url": "https://security.gentoo.org/glsa/202408-10", "reference_id": "GLSA-202408-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-10" }, { "reference_url": "https://security.gentoo.org/glsa/202412-14", "reference_id": "GLSA-202412-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-14" }, { "reference_url": "https://security.gentoo.org/glsa/202505-11", "reference_id": "GLSA-202505-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-11" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", "reference_id": "HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", "reference_id": "KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", "reference_id": "LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", "reference_id": "LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0007/", "reference_id": "ntap-20240426-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0007/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0007/", "reference_id": "ntap-20240621-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5006", "reference_id": "RHSA-2023:5006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5009", "reference_id": "RHSA-2023:5009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5530", "reference_id": "RHSA-2023:5530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5541", "reference_id": "RHSA-2023:5541", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5541" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5542", "reference_id": "RHSA-2023:5542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5679", "reference_id": "RHSA-2023:5679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5705", "reference_id": "RHSA-2023:5705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5706", "reference_id": "RHSA-2023:5706", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5706" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5707", "reference_id": "RHSA-2023:5707", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5707" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5708", "reference_id": "RHSA-2023:5708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5709", "reference_id": "RHSA-2023:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5710", "reference_id": "RHSA-2023:5710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5711", "reference_id": "RHSA-2023:5711", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5711" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5712", "reference_id": "RHSA-2023:5712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5713", "reference_id": "RHSA-2023:5713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5714", "reference_id": "RHSA-2023:5714", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5715", "reference_id": "RHSA-2023:5715", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5715" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5716", "reference_id": "RHSA-2023:5716", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5716" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5717", "reference_id": "RHSA-2023:5717", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5717" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5719", "reference_id": "RHSA-2023:5719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5720", "reference_id": "RHSA-2023:5720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5721", "reference_id": "RHSA-2023:5721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5724", "reference_id": "RHSA-2023:5724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5738", "reference_id": "RHSA-2023:5738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5749", "reference_id": "RHSA-2023:5749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5764", "reference_id": "RHSA-2023:5764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5764" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5765", "reference_id": "RHSA-2023:5765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5766", "reference_id": "RHSA-2023:5766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5767", "reference_id": "RHSA-2023:5767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5768", "reference_id": "RHSA-2023:5768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5769", "reference_id": "RHSA-2023:5769", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5770", "reference_id": "RHSA-2023:5770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5780", "reference_id": "RHSA-2023:5780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5783", "reference_id": "RHSA-2023:5783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5784", "reference_id": "RHSA-2023:5784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5801", "reference_id": "RHSA-2023:5801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5802", "reference_id": "RHSA-2023:5802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5803", "reference_id": "RHSA-2023:5803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5805", "reference_id": "RHSA-2023:5805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5835", "reference_id": "RHSA-2023:5835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5837", "reference_id": "RHSA-2023:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5838", "reference_id": "RHSA-2023:5838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5840", "reference_id": "RHSA-2023:5840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5841", "reference_id": "RHSA-2023:5841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5849", "reference_id": "RHSA-2023:5849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5850", "reference_id": "RHSA-2023:5850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5851", "reference_id": "RHSA-2023:5851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5863", "reference_id": "RHSA-2023:5863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5864", "reference_id": "RHSA-2023:5864", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5865", "reference_id": "RHSA-2023:5865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5866", "reference_id": "RHSA-2023:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5867", "reference_id": "RHSA-2023:5867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5869", "reference_id": "RHSA-2023:5869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5896", "reference_id": "RHSA-2023:5896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5902", "reference_id": "RHSA-2023:5902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5920", "reference_id": "RHSA-2023:5920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5922", "reference_id": "RHSA-2023:5922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5924", "reference_id": "RHSA-2023:5924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5928", "reference_id": "RHSA-2023:5928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5929", "reference_id": "RHSA-2023:5929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5930", "reference_id": "RHSA-2023:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5931", "reference_id": "RHSA-2023:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5933", "reference_id": "RHSA-2023:5933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5935", "reference_id": "RHSA-2023:5935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5945", "reference_id": "RHSA-2023:5945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5946", "reference_id": "RHSA-2023:5946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5947", "reference_id": "RHSA-2023:5947", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5947" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5956", "reference_id": "RHSA-2023:5956", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5956" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5964", "reference_id": "RHSA-2023:5964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5965", "reference_id": "RHSA-2023:5965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5967", "reference_id": "RHSA-2023:5967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5969", "reference_id": "RHSA-2023:5969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5970", "reference_id": "RHSA-2023:5970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5971", "reference_id": "RHSA-2023:5971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5973", "reference_id": "RHSA-2023:5973", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5973" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5974", "reference_id": "RHSA-2023:5974", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5974" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5976", "reference_id": "RHSA-2023:5976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5978", "reference_id": "RHSA-2023:5978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5979", "reference_id": "RHSA-2023:5979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5980", "reference_id": "RHSA-2023:5980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5982", "reference_id": "RHSA-2023:5982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5989", "reference_id": "RHSA-2023:5989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6020", "reference_id": "RHSA-2023:6020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6021", "reference_id": "RHSA-2023:6021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6022", "reference_id": "RHSA-2023:6022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6023", "reference_id": "RHSA-2023:6023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6030", "reference_id": "RHSA-2023:6030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6031", "reference_id": "RHSA-2023:6031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6039", "reference_id": "RHSA-2023:6039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6039" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6040", "reference_id": "RHSA-2023:6040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6041", "reference_id": "RHSA-2023:6041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6042", "reference_id": "RHSA-2023:6042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6048", "reference_id": "RHSA-2023:6048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6057", "reference_id": "RHSA-2023:6057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6059", "reference_id": "RHSA-2023:6059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6061", "reference_id": "RHSA-2023:6061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6077", "reference_id": "RHSA-2023:6077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6079", "reference_id": "RHSA-2023:6079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6080", "reference_id": "RHSA-2023:6080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6084", "reference_id": "RHSA-2023:6084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6084" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6105", "reference_id": "RHSA-2023:6105", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6105" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6106", "reference_id": "RHSA-2023:6106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6114", "reference_id": "RHSA-2023:6114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6115", "reference_id": "RHSA-2023:6115", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6117", "reference_id": "RHSA-2023:6117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6118", "reference_id": "RHSA-2023:6118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6120", "reference_id": "RHSA-2023:6120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6129", "reference_id": "RHSA-2023:6129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6137", "reference_id": "RHSA-2023:6137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6144", "reference_id": "RHSA-2023:6144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6154", "reference_id": "RHSA-2023:6154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6161", "reference_id": "RHSA-2023:6161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6165", "reference_id": "RHSA-2023:6165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6179", "reference_id": "RHSA-2023:6179", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6179" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6217", "reference_id": "RHSA-2023:6217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6233", "reference_id": "RHSA-2023:6233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6235", "reference_id": "RHSA-2023:6235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6239", "reference_id": "RHSA-2023:6239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6248", "reference_id": "RHSA-2023:6248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6251", "reference_id": "RHSA-2023:6251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6269", "reference_id": "RHSA-2023:6269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6272", "reference_id": "RHSA-2023:6272", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6272" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6280", "reference_id": "RHSA-2023:6280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6286", "reference_id": "RHSA-2023:6286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6296", "reference_id": "RHSA-2023:6296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6296" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6298", "reference_id": "RHSA-2023:6298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6305", "reference_id": "RHSA-2023:6305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6746", "reference_id": "RHSA-2023:6746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6779", "reference_id": "RHSA-2023:6779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6781", "reference_id": "RHSA-2023:6781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6782", "reference_id": "RHSA-2023:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6783", "reference_id": "RHSA-2023:6783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6784", "reference_id": "RHSA-2023:6784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6785", "reference_id": "RHSA-2023:6785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6786", "reference_id": "RHSA-2023:6786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6787", "reference_id": "RHSA-2023:6787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6788", "reference_id": "RHSA-2023:6788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6817", "reference_id": "RHSA-2023:6817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6818", "reference_id": "RHSA-2023:6818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6832", "reference_id": "RHSA-2023:6832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6836", "reference_id": "RHSA-2023:6836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6837", "reference_id": "RHSA-2023:6837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6839", "reference_id": "RHSA-2023:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6840", "reference_id": "RHSA-2023:6840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7198", "reference_id": "RHSA-2023:7198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7205", "reference_id": "RHSA-2023:7205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7215", "reference_id": "RHSA-2023:7215", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7215" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7218", "reference_id": "RHSA-2023:7218", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7218" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7288", "reference_id": "RHSA-2023:7288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7315", "reference_id": "RHSA-2023:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7325", "reference_id": "RHSA-2023:7325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7334", "reference_id": "RHSA-2023:7334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7335", "reference_id": "RHSA-2023:7335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7344", "reference_id": "RHSA-2023:7344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7345", "reference_id": "RHSA-2023:7345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7481", "reference_id": "RHSA-2023:7481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7482", "reference_id": "RHSA-2023:7482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7483", "reference_id": "RHSA-2023:7483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7484", "reference_id": "RHSA-2023:7484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7486", "reference_id": "RHSA-2023:7486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7488", "reference_id": "RHSA-2023:7488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7521", "reference_id": "RHSA-2023:7521", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7522", "reference_id": "RHSA-2023:7522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7555", "reference_id": "RHSA-2023:7555", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7555" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7587", "reference_id": "RHSA-2023:7587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7610", "reference_id": "RHSA-2023:7610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7682", "reference_id": "RHSA-2023:7682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7687", "reference_id": "RHSA-2023:7687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7699", "reference_id": "RHSA-2023:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7703", "reference_id": "RHSA-2023:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7704", "reference_id": "RHSA-2023:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7741", "reference_id": "RHSA-2023:7741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0269", "reference_id": "RHSA-2024:0269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0302", "reference_id": "RHSA-2024:0302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0777", "reference_id": "RHSA-2024:0777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1444", "reference_id": "RHSA-2024:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1770", "reference_id": "RHSA-2024:1770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2633", "reference_id": "RHSA-2024:2633", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4631", "reference_id": "RHSA-2024:4631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16668", "reference_id": "RHSA-2025:16668", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16668" }, { "reference_url": "https://usn.ubuntu.com/6427-1/", "reference_id": "USN-6427-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6427-1/" }, { "reference_url": "https://usn.ubuntu.com/6427-2/", "reference_id": "USN-6427-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6427-2/" }, { "reference_url": "https://usn.ubuntu.com/6438-1/", "reference_id": "USN-6438-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6438-1/" }, { "reference_url": "https://usn.ubuntu.com/6505-1/", "reference_id": "USN-6505-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6505-1/" }, { "reference_url": "https://usn.ubuntu.com/6574-1/", "reference_id": "USN-6574-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6574-1/" }, { "reference_url": "https://usn.ubuntu.com/6754-1/", "reference_id": "USN-6754-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6754-1/" }, { "reference_url": "https://usn.ubuntu.com/6994-1/", "reference_id": "USN-6994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6994-1/" }, { "reference_url": "https://usn.ubuntu.com/7067-1/", "reference_id": "USN-7067-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7067-1/" }, { "reference_url": "https://usn.ubuntu.com/7410-1/", "reference_id": "USN-7410-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7410-1/" }, { "reference_url": "https://usn.ubuntu.com/7469-1/", "reference_id": "USN-7469-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7469-1/" }, { "reference_url": "https://usn.ubuntu.com/7469-2/", "reference_id": "USN-7469-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7469-2/" }, { "reference_url": "https://usn.ubuntu.com/7469-3/", "reference_id": "USN-7469-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7469-3/" }, { "reference_url": "https://usn.ubuntu.com/7469-4/", "reference_id": "USN-7469-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7469-4/" }, { "reference_url": "https://usn.ubuntu.com/7892-1/", "reference_id": "USN-7892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7892-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", "reference_id": "VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", "reference_id": "VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", "reference_id": "WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", "reference_id": "WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", "reference_id": "X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", "reference_id": "XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", "reference_id": "ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", "reference_id": "ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931978?format=api", "purl": "pkg:deb/debian/nginx@1.24.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.24.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-44487", "GHSA-2m7v-gc89-fjqf", "GHSA-qppj-fm5r-hxr3", "GHSA-vx74-f528-fxqg", "GHSA-xpw8-rcwv-8f8p", "GMS-2023-3377", "VSV00013" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5781-s1ny-q7ey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18?format=api", "vulnerability_id": "VCID-d1c6-dt2p-9kaa", "summary": "SSL upstream injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1642.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1642.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1642", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03395", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03796", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03427", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03448", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03408", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03381", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03409", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03425", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1642" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1642", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1642" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://my.f5.com/manage/s/article/K000159824", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T16:01:47Z/" } ], "url": "https://my.f5.com/manage/s/article/K000159824" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127053", "reference_id": "1127053", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127053" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436738", "reference_id": "2436738", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436738" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1642", "reference_id": "CVE-2026-1642", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3638", "reference_id": "RHSA-2026:3638", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3638" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4235", "reference_id": "RHSA-2026:4235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4501", "reference_id": "RHSA-2026:4501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4705", "reference_id": "RHSA-2026:4705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5581", "reference_id": "RHSA-2026:5581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5599", "reference_id": "RHSA-2026:5599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6182", "reference_id": "RHSA-2026:6182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6234", "reference_id": "RHSA-2026:6234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6235", "reference_id": "RHSA-2026:6235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6302", "reference_id": "RHSA-2026:6302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6311", "reference_id": "RHSA-2026:6311", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6311" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6407", "reference_id": "RHSA-2026:6407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6408", "reference_id": "RHSA-2026:6408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6427", "reference_id": "RHSA-2026:6427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6427" }, { "reference_url": "https://usn.ubuntu.com/8038-1/", "reference_id": "USN-8038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8038-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931987?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931988?format=api", "purl": "pkg:deb/debian/nginx@1.28.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-1642" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d1c6-dt2p-9kaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8?format=api", "vulnerability_id": "VCID-fmvd-vyt7-mkfk", "summary": "Buffer overflow in ngx_http_dav_module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27654.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27654.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27654", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0984", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09867", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09861", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09914", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0992", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09883", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0989", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09789", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27654" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://my.f5.com/manage/s/article/K000160382", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "8.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T15:14:50Z/" } ], "url": "https://my.f5.com/manage/s/article/K000160382" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776", "reference_id": "2450776", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450776" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654", "reference_id": "CVE-2026-27654", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27654" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6906", "reference_id": "RHSA-2026:6906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6907", "reference_id": "RHSA-2026:6907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6923", "reference_id": "RHSA-2026:6923", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6923" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7002", "reference_id": "RHSA-2026:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7343", "reference_id": "RHSA-2026:7343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7343" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931989?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-27654" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fmvd-vyt7-mkfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4?format=api", "vulnerability_id": "VCID-hemy-pnpj-sfg3", "summary": "Buffer overread in the ngx_mail_smtp_module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53859.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53859", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06024", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06102", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06084", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06123", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06114", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06109", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06059", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06044", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53859" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://my.f5.com/manage/s/article/K000152786", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T15:06:23Z/" } ], "url": "https://my.f5.com/manage/s/article/K000152786" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138", "reference_id": "1111138", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111138" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388238", "reference_id": "2388238", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388238" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53859", "reference_id": "CVE-2025-53859", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53859" }, { "reference_url": "https://usn.ubuntu.com/7715-1/", "reference_id": "USN-7715-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7715-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931986?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931985?format=api", "purl": "pkg:deb/debian/nginx@1.28.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-53859" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hemy-pnpj-sfg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38?format=api", "vulnerability_id": "VCID-kpjx-rrjs-subs", "summary": "OCSP result bypass in stream", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28755.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28755.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02462", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02475", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02473", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02497", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02476", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02468", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02467", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28755" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://my.f5.com/manage/s/article/K000160368", "reference_id": "", "reference_type": "", "scores": [], "url": "https://my.f5.com/manage/s/article/K000160368" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450779", "reference_id": "2450779", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450779" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28755", "reference_id": "CVE-2026-28755", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28755" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-28755" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kpjx-rrjs-subs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43?format=api", "vulnerability_id": "VCID-sxf9-qr1j-u3et", "summary": "Buffer overflow in the ngx_http_mp4_module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01788", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01797", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01803", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01817", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0181", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01799", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.018", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://my.f5.com/manage/s/article/K000160364", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-25T03:55:53Z/" } ], "url": "https://my.f5.com/manage/s/article/K000160364" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785", "reference_id": "2450785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450785" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784", "reference_id": "CVE-2026-27784", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6906", "reference_id": "RHSA-2026:6906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6907", "reference_id": "RHSA-2026:6907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6923", "reference_id": "RHSA-2026:6923", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6923" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7002", "reference_id": "RHSA-2026:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7343", "reference_id": "RHSA-2026:7343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7343" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931989?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-27784" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sxf9-qr1j-u3et" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11?format=api", "vulnerability_id": "VCID-z3xb-4krg-rbae", "summary": "Buffer overflow in the ngx_http_mp4_module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32647.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32647.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32647", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02062", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02087", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02104", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02081", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02066", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02091", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02085", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32647" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://my.f5.com/manage/s/article/K000160366", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T14:51:04Z/" } ], "url": "https://my.f5.com/manage/s/article/K000160366" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598", "reference_id": "2449598", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449598" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647", "reference_id": "CVE-2026-32647", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6906", "reference_id": "RHSA-2026:6906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6907", "reference_id": "RHSA-2026:6907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6923", "reference_id": "RHSA-2026:6923", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6923" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7002", "reference_id": "RHSA-2026:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7343", "reference_id": "RHSA-2026:7343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7343" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931989?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-32647" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z3xb-4krg-rbae" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14?format=api", "vulnerability_id": "VCID-22cq-z7km-cfdc", "summary": "SSL session reuse vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23419.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-23419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0383", "scoring_system": "epss", "scoring_elements": "0.88157", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0383", "scoring_system": "epss", "scoring_elements": "0.88128", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0383", "scoring_system": "epss", "scoring_elements": "0.88147", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0383", "scoring_system": "epss", "scoring_elements": "0.88153", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0383", "scoring_system": "epss", "scoring_elements": "0.88163", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0383", "scoring_system": "epss", "scoring_elements": "0.88156", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0383", "scoring_system": "epss", "scoring_elements": "0.88105", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0383", "scoring_system": "epss", "scoring_elements": "0.88121", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-23419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23419" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2025/NYEUJX7NCBCGJGXDFVXNMAAMJDFSE45G.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2025/NYEUJX7NCBCGJGXDFVXNMAAMJDFSE45G.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095403", "reference_id": "1095403", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095403" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344005", "reference_id": "2344005", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344005" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23419", "reference_id": "CVE-2025-23419", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23419" }, { "reference_url": "https://my.f5.com/manage/s/article/K000149173", "reference_id": "K000149173", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-05T18:12:47Z/" } ], "url": "https://my.f5.com/manage/s/article/K000149173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7331", "reference_id": "RHSA-2025:7331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7331" }, { "reference_url": "https://usn.ubuntu.com/7285-1/", "reference_id": "USN-7285-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7285-1/" }, { "reference_url": "https://usn.ubuntu.com/7285-2/", "reference_id": "USN-7285-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7285-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931982?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931983?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931984?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-23419" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22cq-z7km-cfdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90808?format=api", "vulnerability_id": "VCID-36pf-ddpb-3khs", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02474", "scoring_system": "epss", "scoring_elements": "0.85275", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02474", "scoring_system": "epss", "scoring_elements": "0.85278", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02474", "scoring_system": "epss", "scoring_elements": "0.85203", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02474", "scoring_system": "epss", "scoring_elements": "0.85215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02474", "scoring_system": "epss", "scoring_elements": "0.85233", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02474", "scoring_system": "epss", "scoring_elements": "0.85235", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02474", "scoring_system": "epss", "scoring_elements": "0.85257", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02474", "scoring_system": "epss", "scoring_elements": "0.85266", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02474", "scoring_system": "epss", "scoring_elements": "0.8528", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11724" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11724" }, { "reference_url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa" }, { "reference_url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/openresty/openresty/blob/4e8b4c395f842a078e429c80dd063b2323999957/patches/ngx_http_lua-0.10.15-fix_location_capture_content_length_chunked.patch" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00014.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210129-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210129-0002/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4750" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964950", "reference_id": "964950", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964950" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11724", "reference_id": "CVE-2020-11724", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11724" }, { "reference_url": "https://usn.ubuntu.com/5371-1/", "reference_id": "USN-5371-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5371-1/" }, { "reference_url": "https://usn.ubuntu.com/5371-3/", "reference_id": "USN-5371-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5371-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931971?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-11724" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-36pf-ddpb-3khs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81680?format=api", "vulnerability_id": "VCID-3ysf-pvuu-47bs", "summary": "nginx: HTTP request smuggling in configurations with URL redirect used as error_page", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20372.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20372.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20372", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.69737", "scoring_system": "epss", "scoring_elements": "0.98652", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.69737", "scoring_system": "epss", "scoring_elements": "0.98653", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.69737", "scoring_system": "epss", "scoring_elements": "0.98656", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.69737", "scoring_system": "epss", "scoring_elements": "0.98659", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.69737", "scoring_system": "epss", "scoring_elements": "0.9866", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.69737", "scoring_system": "epss", "scoring_elements": "0.98661", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.69737", "scoring_system": "epss", "scoring_elements": "0.98664", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.69737", "scoring_system": "epss", "scoring_elements": "0.98665", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790277", "reference_id": "1790277", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790277" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948579", "reference_id": "948579", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2817", "reference_id": "RHSA-2020:2817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5495", "reference_id": "RHSA-2020:5495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0778", "reference_id": "RHSA-2021:0778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0779", "reference_id": "RHSA-2021:0779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0779" }, { "reference_url": "https://usn.ubuntu.com/4235-1/", "reference_id": "USN-4235-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4235-1/" }, { "reference_url": "https://usn.ubuntu.com/4235-2/", "reference_id": "USN-4235-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4235-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931969?format=api", "purl": "pkg:deb/debian/nginx@1.16.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.16.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-20372" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ysf-pvuu-47bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2?format=api", "vulnerability_id": "VCID-49q7-zqwm-hqgx", "summary": "Vulnerabilities with Windows directory aliases", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4963", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54184", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54102", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54119", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54148", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54124", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54173", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54222", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54205", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4963" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4963", "reference_id": "CVE-2011-4963", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4963" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4963" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-49q7-zqwm-hqgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54339?format=api", "vulnerability_id": "VCID-4mqa-bkha-kbaj", "summary": "security update", "references": [ { "reference_url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/" }, { "reference_url": "http://code.google.com/p/chromium/issues/detail?id=139744", "reference_id": "", "reference_type": "", "scores": [], "url": "http://code.google.com/p/chromium/issues/detail?id=139744" }, { "reference_url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html" }, { "reference_url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html" }, { "reference_url": "http://jvn.jp/en/jp/JVN65273415/index.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://jvn.jp/en/jp/JVN65273415/index.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2" }, { "reference_url": "http://news.ycombinator.com/item?id=4510829", "reference_id": "", "reference_type": "", "scores": [], "url": "http://news.ycombinator.com/item?id=4510829" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13867", "scoring_system": "epss", "scoring_elements": "0.94298", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13867", "scoring_system": "epss", "scoring_elements": "0.94297", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94599", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94585", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94611", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94615", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94601", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94592", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4929" }, { "reference_url": "https://chromiumcodereview.appspot.com/10825183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://chromiumcodereview.appspot.com/10825183" }, { "reference_url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls", "reference_id": "", "reference_type": "", "scores": [], "url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor" }, { "reference_url": "https://gist.github.com/3696912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gist.github.com/3696912" }, { "reference_url": "https://github.com/mpgn/CRIME-poc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mpgn/CRIME-poc" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920" }, { "reference_url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212" }, { "reference_url": "http://support.apple.com/kb/HT5784", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT5784" }, { "reference_url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312", "reference_id": "", "reference_type": "", "scores": [], "url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312" }, { "reference_url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512", "reference_id": "", "reference_type": "", "scores": [], "url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2012/dsa-2579" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2627", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2627" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3253", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "reference_url": "http://www.ekoparty.org/2012/thai-duong.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ekoparty.org/2012/thai-duong.php" }, { "reference_url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091" }, { "reference_url": "http://www.securityfocus.com/bid/55704", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/55704" }, { "reference_url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1627-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1627-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1628-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1628-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1898-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1898-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936", "reference_id": "689936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399", "reference_id": "700399", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426", "reference_id": "700426", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197", "reference_id": "727197", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055", "reference_id": "728055", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051", "reference_id": "857051", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929", "reference_id": "CVE-2012-4929", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929" }, { "reference_url": "https://security.gentoo.org/glsa/201309-12", "reference_id": "GLSA-201309-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0587", "reference_id": "RHSA-2013:0587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0636", "reference_id": "RHSA-2013:0636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0416", "reference_id": "RHSA-2014:0416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0416" }, { "reference_url": "https://usn.ubuntu.com/1627-1/", "reference_id": "USN-1627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1627-1/" }, { "reference_url": "https://usn.ubuntu.com/1628-1/", "reference_id": "USN-1628-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1628-1/" }, { "reference_url": "https://usn.ubuntu.com/1898-1/", "reference_id": "USN-1898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931957?format=api", "purl": "pkg:deb/debian/nginx@1.2.1-2.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-4929" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4mqa-bkha-kbaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41?format=api", "vulnerability_id": "VCID-64n7-ygvq-cfds", "summary": "Excessive memory usage in HTTP/2", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16843.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16843.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16843", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.55541", "scoring_system": "epss", "scoring_elements": "0.98063", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.55541", "scoring_system": "epss", "scoring_elements": "0.98082", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.55541", "scoring_system": "epss", "scoring_elements": "0.98076", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.55541", "scoring_system": "epss", "scoring_elements": "0.98081", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.55541", "scoring_system": "epss", "scoring_elements": "0.98067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.55541", "scoring_system": "epss", "scoring_elements": "0.9807", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.55541", "scoring_system": "epss", "scoring_elements": "0.98071", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.55541", "scoring_system": "epss", "scoring_elements": "0.98075", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644511", "reference_id": "1644511", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644511" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090", "reference_id": "913090", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16843", "reference_id": "CVE-2018-16843", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3653", "reference_id": "RHSA-2018:3653", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3653" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3680", "reference_id": "RHSA-2018:3680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3681", "reference_id": "RHSA-2018:3681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3681" }, { "reference_url": "https://usn.ubuntu.com/3812-1/", "reference_id": "USN-3812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931968?format=api", "purl": "pkg:deb/debian/nginx@1.14.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16843" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-64n7-ygvq-cfds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29?format=api", "vulnerability_id": "VCID-8mzu-swrb-sqd8", "summary": "Buffer overwrite in HTTP/3", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32760.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-32760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65228", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65256", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65268", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.6525", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65238", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65197", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65222", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-32760" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283933", "reference_id": "2283933", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283933" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/30/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/30/4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32760", "reference_id": "CVE-2024-32760", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32760" }, { "reference_url": "https://my.f5.com/manage/s/article/K000139609", "reference_id": "K000139609", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/" } ], "url": "https://my.f5.com/manage/s/article/K000139609" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/", "reference_id": "MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/", "reference_id": "R7RPLWC35WHEUFCGKNFG62ESNID25TEZ", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931980?format=api", "purl": "pkg:deb/debian/nginx@1.26.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-32760" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8mzu-swrb-sqd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45?format=api", "vulnerability_id": "VCID-9hzg-r1fj-pubf", "summary": "Excessive CPU usage in HTTP/2 with priority changes", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9513.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9513", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06705", "scoring_system": "epss", "scoring_elements": "0.91201", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06705", "scoring_system": "epss", "scoring_elements": "0.9125", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06705", "scoring_system": "epss", "scoring_elements": "0.91221", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06705", "scoring_system": "epss", "scoring_elements": "0.91235", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06705", "scoring_system": "epss", "scoring_elements": "0.91241", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06705", "scoring_system": "epss", "scoring_elements": "0.91248", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06705", "scoring_system": "epss", "scoring_elements": "0.91251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06705", "scoring_system": "epss", "scoring_elements": "0.91206", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06705", "scoring_system": "epss", "scoring_elements": "0.91215", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735741", "reference_id": "1735741", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735741" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885", "reference_id": "934885", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037", "reference_id": "935037", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037" }, { "reference_url": "https://security.archlinux.org/ASA-201908-12", "reference_id": "ASA-201908-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-12" }, { "reference_url": "https://security.archlinux.org/ASA-201908-13", "reference_id": "ASA-201908-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-13" }, { "reference_url": "https://security.archlinux.org/ASA-201908-17", "reference_id": "ASA-201908-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-17" }, { "reference_url": "https://security.archlinux.org/AVG-1022", "reference_id": "AVG-1022", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1022" }, { "reference_url": "https://security.archlinux.org/AVG-1023", "reference_id": "AVG-1023", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1023" }, { "reference_url": "https://security.archlinux.org/AVG-1024", "reference_id": "AVG-1024", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1024" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513", "reference_id": "CVE-2019-9513", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2692", "reference_id": "RHSA-2019:2692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2745", "reference_id": "RHSA-2019:2745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2746", "reference_id": "RHSA-2019:2746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2775", "reference_id": "RHSA-2019:2775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2799", "reference_id": "RHSA-2019:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2946", "reference_id": "RHSA-2019:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2949", "reference_id": "RHSA-2019:2949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3041", "reference_id": "RHSA-2019:3041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3932", "reference_id": "RHSA-2019:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3933", "reference_id": "RHSA-2019:3933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3935", "reference_id": "RHSA-2019:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0983", "reference_id": "RHSA-2020:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "reference_url": "https://usn.ubuntu.com/4099-1/", "reference_id": "USN-4099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4099-1/" }, { "reference_url": "https://usn.ubuntu.com/6754-1/", "reference_id": "USN-6754-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6754-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931970?format=api", "purl": "pkg:deb/debian/nginx@1.14.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9513" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hzg-r1fj-pubf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19?format=api", "vulnerability_id": "VCID-9kx7-1dn9-dbdt", "summary": "Stack-based buffer overflow with specially crafted request", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.html" }, { "reference_url": "http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html" }, { "reference_url": "http://nginx.org/download/patch.2013.chunked.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://nginx.org/download/patch.2013.chunked.txt" }, { "reference_url": "http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2028", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93039", "scoring_system": "epss", "scoring_elements": "0.99787", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.93137", "scoring_system": "epss", "scoring_elements": "0.99795", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.93137", "scoring_system": "epss", "scoring_elements": "0.99796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.93137", "scoring_system": "epss", "scoring_elements": "0.99797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.93137", "scoring_system": "epss", "scoring_elements": "0.99794", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2028" }, { "reference_url": "http://secunia.com/advisories/55181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/55181" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201310-04.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201310-04.xml" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rapid7/metasploit-framework/pull/1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/rapid7/metasploit-framework/pull/1834" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html" }, { "reference_url": "https://nginx.org/download/patch.2013.chunked.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2013.chunked.txt" }, { "reference_url": "https://nginx.org/download/patch.2013.chunked.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2013.chunked.txt.asc" }, { "reference_url": "http://www.osvdb.org/93037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/93037" }, { "reference_url": "http://www.securityfocus.com/bid/59699", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/59699" }, { "reference_url": "http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/remote/32277.txt", "reference_id": "CVE-2013-2028", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/remote/32277.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2028", "reference_id": "CVE-2013-2028", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2028" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/25499.py", "reference_id": "CVE-2013-2028;OSVDB-93037", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/25499.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25775.rb", "reference_id": "CVE-2013-2028;OSVDB-93037", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25775.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/26737.pl", "reference_id": "CVE-2013-2028;OSVDB-93037", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/26737.pl" }, { "reference_url": "https://security.gentoo.org/glsa/201310-04", "reference_id": "GLSA-201310-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2028" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9kx7-1dn9-dbdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40?format=api", "vulnerability_id": "VCID-asr7-uwpu-a7a5", "summary": "STARTTLS command injection", "references": [ { "reference_url": "http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142103967620673&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=142103967620673&w=2" }, { "reference_url": "http://nginx.org/download/patch.2014.starttls.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://nginx.org/download/patch.2014.starttls.txt" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3556.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3556.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.48169", "scoring_system": "epss", "scoring_elements": "0.9773", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.48169", "scoring_system": "epss", "scoring_elements": "0.97707", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.48169", "scoring_system": "epss", "scoring_elements": "0.97726", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.48169", "scoring_system": "epss", "scoring_elements": "0.97728", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.48169", "scoring_system": "epss", "scoring_elements": "0.97714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.48169", "scoring_system": "epss", "scoring_elements": "0.97715", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.48169", "scoring_system": "epss", "scoring_elements": "0.97716", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.48169", "scoring_system": "epss", "scoring_elements": "0.9772", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.48169", "scoring_system": "epss", "scoring_elements": "0.97723", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html" }, { "reference_url": "https://nginx.org/download/patch.2014.starttls.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2014.starttls.txt" }, { "reference_url": "https://nginx.org/download/patch.2014.starttls.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2014.starttls.txt.asc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1126891", "reference_id": "1126891", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1126891" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757196", "reference_id": "757196", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757196" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3556", "reference_id": "CVE-2014-3556", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3556" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931961?format=api", "purl": "pkg:deb/debian/nginx@1.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3556" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-asr7-uwpu-a7a5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9?format=api", "vulnerability_id": "VCID-bana-j1wy-cfdy", "summary": "Excessive CPU usage in HTTP/2", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16844.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16844.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10883", "scoring_system": "epss", "scoring_elements": "0.93353", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10883", "scoring_system": "epss", "scoring_elements": "0.93385", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10883", "scoring_system": "epss", "scoring_elements": "0.93386", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10883", "scoring_system": "epss", "scoring_elements": "0.93384", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10883", "scoring_system": "epss", "scoring_elements": "0.93361", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10883", "scoring_system": "epss", "scoring_elements": "0.93369", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10883", "scoring_system": "epss", "scoring_elements": "0.93377", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10883", "scoring_system": "epss", "scoring_elements": "0.93381", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644510", "reference_id": "1644510", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644510" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090", "reference_id": "913090", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16844", "reference_id": "CVE-2018-16844", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3680", "reference_id": "RHSA-2018:3680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3681", "reference_id": "RHSA-2018:3681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3681" }, { "reference_url": "https://usn.ubuntu.com/3812-1/", "reference_id": "USN-3812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931968?format=api", "purl": "pkg:deb/debian/nginx@1.14.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16844" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bana-j1wy-cfdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70179?format=api", "vulnerability_id": "VCID-c4ta-jqmg-wfgf", "summary": "lua-nginx-module: HTTP request smuggling via a crafted HEAD request", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33452.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33452.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33452", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.72093", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.72089", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.721", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.72123", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.72108", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.72055", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.72075", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.72051", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33452" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361691", "reference_id": "2361691", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361691" }, { "reference_url": "https://www.benasin.space/2025/03/18/OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests/", "reference_id": "OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T19:26:16Z/" } ], "url": "https://www.benasin.space/2025/03/18/OpenResty-lua-nginx-module-v0-10-26-HTTP-Request-Smuggling-in-HEAD-requests/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931973?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931972?format=api", "purl": "pkg:deb/debian/nginx@1.22.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-33452" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "6.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ta-jqmg-wfgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15?format=api", "vulnerability_id": "VCID-c9ym-ckeq-63dq", "summary": "Memory corruption in the ngx_http_mp4_module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41741.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41741.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41741", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00851", "scoring_system": "epss", "scoring_elements": "0.74876", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00851", "scoring_system": "epss", "scoring_elements": "0.74847", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00851", "scoring_system": "epss", "scoring_elements": "0.74887", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00851", "scoring_system": "epss", "scoring_elements": "0.74897", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00851", "scoring_system": "epss", "scoring_elements": "0.74919", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00851", "scoring_system": "epss", "scoring_elements": "0.74895", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00851", "scoring_system": "epss", "scoring_elements": "0.74882", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00851", "scoring_system": "epss", "scoring_elements": "0.74849", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html" }, { "reference_url": "https://nginx.org/download/patch.2022.mp4.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2022.mp4.txt" }, { "reference_url": "https://nginx.org/download/patch.2022.mp4.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2022.mp4.txt.asc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141495", "reference_id": "2141495", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141495" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/", "reference_id": "BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41741", "reference_id": "CVE-2022-41741", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41741" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5281", "reference_id": "dsa-5281", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5281" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/", "reference_id": "FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/" }, { "reference_url": "https://support.f5.com/csp/article/K81926432", "reference_id": "K81926432", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/" } ], "url": "https://support.f5.com/csp/article/K81926432" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html", "reference_id": "msg00031.html", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230120-0005/", "reference_id": "ntap-20230120-0005", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230120-0005/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7402", "reference_id": "RHSA-2025:7402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7546", "reference_id": "RHSA-2025:7546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7619", "reference_id": "RHSA-2025:7619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7619" }, { "reference_url": "https://usn.ubuntu.com/5722-1/", "reference_id": "USN-5722-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5722-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/", "reference_id": "WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:12:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931977?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-41741" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c9ym-ckeq-63dq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34?format=api", "vulnerability_id": "VCID-cbn4-utmp-n7ba", "summary": "1-byte memory overwrite in resolver", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23017.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23017.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73544", "scoring_system": "epss", "scoring_elements": "0.98797", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.73544", "scoring_system": "epss", "scoring_elements": "0.98794", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.73544", "scoring_system": "epss", "scoring_elements": "0.98805", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.73544", "scoring_system": "epss", "scoring_elements": "0.98804", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.73544", "scoring_system": "epss", "scoring_elements": "0.98801", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html" }, { "reference_url": "https://nginx.org/download/patch.2021.resolver.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2021.resolver.txt" }, { "reference_url": "https://nginx.org/download/patch.2021.resolver.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2021.resolver.txt.asc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963121", "reference_id": "1963121", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963121" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095", "reference_id": "989095", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095" }, { "reference_url": "https://security.archlinux.org/ASA-202106-36", "reference_id": "ASA-202106-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-36" }, { "reference_url": "https://security.archlinux.org/ASA-202106-48", "reference_id": "ASA-202106-48", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-48" }, { "reference_url": "https://security.archlinux.org/AVG-1987", "reference_id": "AVG-1987", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1987" }, { "reference_url": "https://security.archlinux.org/AVG-1988", "reference_id": "AVG-1988", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1988" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/50973.py", "reference_id": "CVE-2021-23017", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/50973.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23017", "reference_id": "CVE-2021-23017", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23017" }, { "reference_url": "https://security.gentoo.org/glsa/202105-38", "reference_id": "GLSA-202105-38", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202105-38" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2258", "reference_id": "RHSA-2021:2258", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2259", "reference_id": "RHSA-2021:2259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2278", "reference_id": "RHSA-2021:2278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2290", "reference_id": "RHSA-2021:2290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3653", "reference_id": "RHSA-2021:3653", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3653" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3851", "reference_id": "RHSA-2021:3851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3925", "reference_id": "RHSA-2021:3925", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3925" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0323", "reference_id": "RHSA-2022:0323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0323" }, { "reference_url": "https://usn.ubuntu.com/4967-1/", "reference_id": "USN-4967-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4967-1/" }, { "reference_url": "https://usn.ubuntu.com/4967-2/", "reference_id": "USN-4967-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4967-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931974?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-23017" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbn4-utmp-n7ba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16?format=api", "vulnerability_id": "VCID-cjx4-a19z-xufq", "summary": "Integer overflow in the range filter", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7529.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7529.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7529", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.91909", "scoring_system": "epss", "scoring_elements": "0.99689", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.91909", "scoring_system": "epss", "scoring_elements": "0.99692", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.91909", "scoring_system": "epss", "scoring_elements": "0.99693", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.91909", "scoring_system": "epss", "scoring_elements": "0.9969", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.91909", "scoring_system": "epss", "scoring_elements": "0.99691", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.91909", "scoring_system": "epss", "scoring_elements": "0.99694", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.92868", "scoring_system": "epss", "scoring_elements": "0.99768", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html" }, { "reference_url": "https://nginx.org/download/patch.2017.ranges.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2017.ranges.txt" }, { "reference_url": "https://nginx.org/download/patch.2017.ranges.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2017.ranges.txt.asc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1468584", "reference_id": "1468584", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1468584" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868109", "reference_id": "868109", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868109" }, { "reference_url": "https://security.archlinux.org/ASA-201707-11", "reference_id": "ASA-201707-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201707-11" }, { "reference_url": "https://security.archlinux.org/ASA-201707-12", "reference_id": "ASA-201707-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201707-12" }, { "reference_url": "https://security.archlinux.org/AVG-345", "reference_id": "AVG-345", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-345" }, { "reference_url": "https://security.archlinux.org/AVG-346", "reference_id": "AVG-346", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-346" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7529", "reference_id": "CVE-2017-7529", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2538", "reference_id": "RHSA-2017:2538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2538" }, { "reference_url": "https://usn.ubuntu.com/3352-1/", "reference_id": "USN-3352-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3352-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931967?format=api", "purl": "pkg:deb/debian/nginx@1.13.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.13.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7529" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cjx4-a19z-xufq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25?format=api", "vulnerability_id": "VCID-dmv4-ydq9-a7eq", "summary": "Excessive CPU usage in HTTP/2 with small window updates", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9511", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13948", "scoring_system": "epss", "scoring_elements": "0.94283", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.13948", "scoring_system": "epss", "scoring_elements": "0.94324", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13948", "scoring_system": "epss", "scoring_elements": "0.94302", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13948", "scoring_system": "epss", "scoring_elements": "0.94304", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.13948", "scoring_system": "epss", "scoring_elements": "0.94313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.13948", "scoring_system": "epss", "scoring_elements": "0.94318", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.13948", "scoring_system": "epss", "scoring_elements": "0.94322", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.13948", "scoring_system": "epss", "scoring_elements": "0.94292", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741860", "reference_id": "1741860", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741860" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885", "reference_id": "934885", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037", "reference_id": "935037", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037" }, { "reference_url": "https://security.archlinux.org/ASA-201908-12", "reference_id": "ASA-201908-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-12" }, { "reference_url": "https://security.archlinux.org/ASA-201908-13", "reference_id": "ASA-201908-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-13" }, { "reference_url": "https://security.archlinux.org/ASA-201908-17", "reference_id": "ASA-201908-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-17" }, { "reference_url": "https://security.archlinux.org/AVG-1022", "reference_id": "AVG-1022", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1022" }, { "reference_url": "https://security.archlinux.org/AVG-1023", "reference_id": "AVG-1023", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1023" }, { "reference_url": "https://security.archlinux.org/AVG-1024", "reference_id": "AVG-1024", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1024" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511", "reference_id": "CVE-2019-9511", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9511" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2692", "reference_id": "RHSA-2019:2692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2745", "reference_id": "RHSA-2019:2745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2746", "reference_id": "RHSA-2019:2746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2775", "reference_id": "RHSA-2019:2775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2799", "reference_id": "RHSA-2019:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2946", "reference_id": "RHSA-2019:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2949", "reference_id": "RHSA-2019:2949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3041", "reference_id": "RHSA-2019:3041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3932", "reference_id": "RHSA-2019:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3933", "reference_id": "RHSA-2019:3933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3935", "reference_id": "RHSA-2019:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0922", "reference_id": "RHSA-2020:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1445", "reference_id": "RHSA-2020:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2067", "reference_id": "RHSA-2020:2067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2565", "reference_id": "RHSA-2020:2565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3192", "reference_id": "RHSA-2020:3192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5856", "reference_id": "RHSA-2024:5856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5856" }, { "reference_url": "https://usn.ubuntu.com/4099-1/", "reference_id": "USN-4099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4099-1/" }, { "reference_url": "https://usn.ubuntu.com/6754-1/", "reference_id": "USN-6754-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6754-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931970?format=api", "purl": "pkg:deb/debian/nginx@1.14.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9511" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmv4-ydq9-a7eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12?format=api", "vulnerability_id": "VCID-e49f-y1ky-5yb4", "summary": "Insufficient limits of CNAME resolution in resolver", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html" }, { "reference_url": "http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0747.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0747", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33182", "scoring_system": "epss", "scoring_elements": "0.96904", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.33182", "scoring_system": "epss", "scoring_elements": "0.96872", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.33182", "scoring_system": "epss", "scoring_elements": "0.96897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.33182", "scoring_system": "epss", "scoring_elements": "0.96899", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.33182", "scoring_system": "epss", "scoring_elements": "0.96901", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.33182", "scoring_system": "epss", "scoring_elements": "0.96903", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.33182", "scoring_system": "epss", "scoring_elements": "0.9688", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.33182", "scoring_system": "epss", "scoring_elements": "0.96884", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.33182", "scoring_system": "epss", "scoring_elements": "0.96889", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0747" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/36", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2021/Sep/36" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html" }, { "reference_url": "https://support.apple.com/kb/HT212818", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT212818" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3473", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3473" }, { "reference_url": "http://www.securitytracker.com/id/1034869", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034869" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2892-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2892-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302589", "reference_id": "1302589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302589" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806", "reference_id": "812806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0747", "reference_id": "CVE-2016-0747", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0747" }, { "reference_url": "https://security.gentoo.org/glsa/201606-06", "reference_id": "GLSA-201606-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201606-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1425", "reference_id": "RHSA-2016:1425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1425" }, { "reference_url": "https://usn.ubuntu.com/2892-1/", "reference_id": "USN-2892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2892-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931963?format=api", "purl": "pkg:deb/debian/nginx@1.9.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.10-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0747" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e49f-y1ky-5yb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6?format=api", "vulnerability_id": "VCID-eb23-pd25-yqg3", "summary": "Buffer overread in the ngx_http_mp4_module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7347.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7347.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7347", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41622", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42313", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.423", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42348", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42355", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42377", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42341", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42358", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7347" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/UUOCLLONPR6244YQYU65PO5LB7JDYCWM.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/UUOCLLONPR6244YQYU65PO5LB7JDYCWM.html" }, { "reference_url": "https://nginx.org/download/patch.2024.mp4.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2024.mp4.txt" }, { "reference_url": "https://nginx.org/download/patch.2024.mp4.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2024.mp4.txt.asc" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078971", "reference_id": "1078971", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078971" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304966", "reference_id": "2304966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304966" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7347", "reference_id": "CVE-2024-7347", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7347" }, { "reference_url": "https://security.gentoo.org/glsa/202409-32", "reference_id": "GLSA-202409-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-32" }, { "reference_url": "https://my.f5.com/manage/s/article/K000140529", "reference_id": "K000140529", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T15:27:31Z/" } ], "url": "https://my.f5.com/manage/s/article/K000140529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3261", "reference_id": "RHSA-2025:3261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3262", "reference_id": "RHSA-2025:3262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7402", "reference_id": "RHSA-2025:7402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7542", "reference_id": "RHSA-2025:7542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7546", "reference_id": "RHSA-2025:7546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7548", "reference_id": "RHSA-2025:7548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7549", "reference_id": "RHSA-2025:7549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7619", "reference_id": "RHSA-2025:7619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7619" }, { "reference_url": "https://usn.ubuntu.com/7014-1/", "reference_id": "USN-7014-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7014-1/" }, { "reference_url": "https://usn.ubuntu.com/7014-2/", "reference_id": "USN-7014-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7014-2/" }, { "reference_url": "https://usn.ubuntu.com/7014-3/", "reference_id": "USN-7014-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7014-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931982?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931981?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931980?format=api", "purl": "pkg:deb/debian/nginx@1.26.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-7347" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb23-pd25-yqg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92255?format=api", "vulnerability_id": "VCID-fgaf-wqmd-gqf3", "summary": "nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)", "references": [ { "reference_url": "https://access.redhat.com/security/cve/cve-2011-4968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/cve-2011-4968" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60112", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.6013", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.59987", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60065", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60089", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60059", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.6011", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60123", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60145", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4968" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4968" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-4968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-4968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80952" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2011-4968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2011-4968" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/01/03/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/01/03/8" }, { "reference_url": "http://www.securityfocus.com/bid/57139", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/57139" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697940", "reference_id": "697940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697940" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.62:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:0.7.62:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.62:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:0.7.64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.65:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:0.7.65:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.65:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.66:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:0.7.66:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.7.66:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:0.8.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:0.8.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.36:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:0.8.36:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.36:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.40:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:0.8.40:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:0.8.40:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4968", "reference_id": "CVE-2011-4968", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" }, { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4968" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931953?format=api", "purl": "pkg:deb/debian/nginx@1.9.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4968" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fgaf-wqmd-gqf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49?format=api", "vulnerability_id": "VCID-g39b-k8vv-kyaq", "summary": "Null pointer dereference vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3896.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3896.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85298", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.8531", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85329", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85331", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85352", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85361", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85375", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85373", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.8537", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3896" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896" }, { "reference_url": "https://nginx.org/download/patch.null.pointer.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.null.pointer.txt" }, { "reference_url": "https://nginx.org/download/patch.null.pointer.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.null.pointer.txt.asc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=539565", "reference_id": "539565", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539565" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3896", "reference_id": "CVE-2009-3896", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3896" }, { "reference_url": "https://security.gentoo.org/glsa/201203-22", "reference_id": "GLSA-201203-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-22" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931949?format=api", "purl": "pkg:deb/debian/nginx@0.7.62-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.62-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3896" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g39b-k8vv-kyaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47?format=api", "vulnerability_id": "VCID-jau7-gfz8-dkfa", "summary": "The renegotiation vulnerability in SSL protocol", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html" }, { "reference_url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html" }, { "reference_url": "http://blogs.iss.net/archive/sslmitmiscsrf.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://blogs.iss.net/archive/sslmitmiscsrf.html" }, { "reference_url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during" }, { "reference_url": "http://clicky.me/tlsvuln", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://clicky.me/tlsvuln" }, { "reference_url": "http://extendedsubset.com/?p=8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://extendedsubset.com/?p=8" }, { "reference_url": "http://extendedsubset.com/Renegotiating_TLS.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://extendedsubset.com/Renegotiating_TLS.pdf" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041" }, { "reference_url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751" }, { "reference_url": "http://kbase.redhat.com/faq/docs/DOC-20491", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://kbase.redhat.com/faq/docs/DOC-20491" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2010//May/msg00002.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html" }, { "reference_url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html" }, { "reference_url": "http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=126150535619567&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=126150535619567&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=127128920008563&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127419602507642&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=127419602507642&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=127557596201693&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=133469267822771&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=142660345230545&w=2" }, { "reference_url": "http://marc.info/?l=cryptography&m=125752275331877&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=cryptography&m=125752275331877&w=2" }, { "reference_url": "http://openbsd.org/errata45.html#010_openssl", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openbsd.org/errata45.html#010_openssl" }, { "reference_url": "http://openbsd.org/errata46.html#004_openssl", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openbsd.org/errata46.html#004_openssl" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1579", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1580", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1694", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2009:1694" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0011", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0119", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0130", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0155", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0162", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0163", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0164", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0165", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0166", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0167", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0337", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0338", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0339", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0408", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0440", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0768", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0770", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0786", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0807", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0865", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0986", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0986" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0987", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2010:0987" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0880", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2011:0880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1591", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1591" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2009-3555" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84701", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84628", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84642", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84662", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84686", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84693", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84711", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02288", "scoring_system": "epss", "scoring_elements": "0.84707", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3555" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526689" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=545755" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533125" }, { "reference_url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=50325", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=50325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049" }, { "reference_url": "http://seclists.org/fulldisclosure/2009/Nov/139", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2009/Nov/139" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200912-01.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-200912-01.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201203-22.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201406-32.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54158" }, { "reference_url": "https://github.com/apache/tomcat", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat" }, { "reference_url": "https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5" }, { "reference_url": "https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d" }, { "reference_url": "https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3" }, { "reference_url": "https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701" }, { "reference_url": "https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02" }, { "reference_url": "https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3" }, { "reference_url": "https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d" }, { "reference_url": "https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366" }, { "reference_url": "https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" }, { "reference_url": "https://kb.bluecoat.com/index?page=content&id=SA50", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kb.bluecoat.com/index?page=content&id=SA50" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446" }, { "reference_url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>" }, { "reference_url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>" }, { "reference_url": "https://nginx.org/download/patch.cve-2009-3555.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.cve-2009-3555.txt" }, { "reference_url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.cve-2009-3555.txt.asc" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535" }, { "reference_url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html" }, { "reference_url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt" }, { "reference_url": "https://tomcat.apache.org/security-5.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-5.html" }, { "reference_url": "https://tomcat.apache.org/security-6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-6.html" }, { "reference_url": "https://tomcat.apache.org/security-7.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-7.html" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1" }, { "reference_url": "http://support.apple.com/kb/HT4004", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT4004" }, { "reference_url": "http://support.apple.com/kb/HT4170", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT4170" }, { "reference_url": "http://support.apple.com/kb/HT4171", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.apple.com/kb/HT4171" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100070150", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/css/P8/documents/100070150" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100081611", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/css/P8/documents/100081611" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100114315", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/css/P8/documents/100114315" }, { "reference_url": "http://support.avaya.com/css/P8/documents/100114327", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.avaya.com/css/P8/documents/100114327" }, { "reference_url": "http://support.citrix.com/article/CTX123359", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.citrix.com/article/CTX123359" }, { "reference_url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES" }, { "reference_url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html" }, { "reference_url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://sysoev.ru/nginx/patch.cve-2009-3555.txt" }, { "reference_url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html" }, { "reference_url": "http://ubuntu.com/usn/usn-923-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ubuntu.com/usn/usn-923-1" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0155" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21426108" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21432298" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24006386" }, { "reference_url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025312" }, { "reference_url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only" }, { "reference_url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.arubanetworks.com/support/alerts/aid-020810.txt" }, { "reference_url": "http://www.betanews.com/article/1257452450", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.betanews.com/article/1257452450" }, { "reference_url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1934", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2009/dsa-1934" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2141", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2141" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3253", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "reference_url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html" }, { "reference_url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html" }, { "reference_url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ietf.org/mail-archive/web/tls/current/msg03928.html" }, { "reference_url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ietf.org/mail-archive/web/tls/current/msg03948.html" }, { "reference_url": "http://www.ingate.com/Relnote.php?ver=481", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ingate.com/Relnote.php?ver=481" }, { "reference_url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995" }, { "reference_url": "http://www.kb.cert.org/vuls/id/120541", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.kb.cert.org/vuls/id/120541" }, { "reference_url": "http://www.links.org/?p=780", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.links.org/?p=780" }, { "reference_url": "http://www.links.org/?p=786", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.links.org/?p=786" }, { "reference_url": "http://www.links.org/?p=789", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.links.org/?p=789" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089" }, { "reference_url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openoffice.org/security/cves/CVE-2009-3555.html" }, { "reference_url": "http://www.openssl.org/news/secadv_20091111.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openssl.org/news/secadv_20091111.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/05/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/05/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/05/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/05/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/06/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/06/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/07/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/07/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/20/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/20/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/11/23/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2009/11/23/10" }, { "reference_url": "http://www.opera.com/docs/changelogs/unix/1060", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.opera.com/docs/changelogs/unix/1060" }, { "reference_url": "http://www.opera.com/support/search/view/944", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.opera.com/support/search/view/944" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html" }, { "reference_url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0119.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0130.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0155.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0165.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0337.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0338.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0339.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0768.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0770.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0786.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0807.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0865.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0986.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0987.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.redhat.com/support/errata/RHSA-2011-0880.html" }, { "reference_url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html" }, { "reference_url": "http://www.tombom.co.uk/blog/?p=85", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.tombom.co.uk/blog/?p=85" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1010-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-1010-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-927-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-927-4" }, { "reference_url": "http://www.ubuntu.com/usn/USN-927-5", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-927-5" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" }, { "reference_url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649", "reference_id": "765649", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py", "reference_id": "CVE-2009-3555", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555", "reference_id": "CVE-2009-3555", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3555" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt", "reference_id": "CVE-2009-3555;OSVDB-59970", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt" }, { "reference_url": "https://www.securityfocus.com/bid/35888/info", "reference_id": "CVE-2009-3555;OSVDB-59970", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/35888/info" }, { "reference_url": "https://github.com/advisories/GHSA-f7w7-6pjc-wwm6", "reference_id": "GHSA-f7w7-6pjc-wwm6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f7w7-6pjc-wwm6" }, { "reference_url": "https://security.gentoo.org/glsa/200912-01", "reference_id": "GLSA-200912-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200912-01" }, { "reference_url": "https://security.gentoo.org/glsa/201006-18", "reference_id": "GLSA-201006-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201006-18" }, { "reference_url": "https://security.gentoo.org/glsa/201110-05", "reference_id": "GLSA-201110-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-05" }, { "reference_url": "https://security.gentoo.org/glsa/201203-22", "reference_id": "GLSA-201203-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-22" }, { "reference_url": "https://security.gentoo.org/glsa/201206-18", "reference_id": "GLSA-201206-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-18" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://security.gentoo.org/glsa/201309-15", "reference_id": "GLSA-201309-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-15" }, { "reference_url": "https://security.gentoo.org/glsa/201311-13", "reference_id": "GLSA-201311-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-13" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-22", "reference_id": "mfsa2010-22", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-22" }, { "reference_url": "https://usn.ubuntu.com/1010-1/", "reference_id": "USN-1010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1010-1/" }, { "reference_url": "https://usn.ubuntu.com/860-1/", "reference_id": "USN-860-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/860-1/" }, { "reference_url": "https://usn.ubuntu.com/923-1/", "reference_id": "USN-923-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/923-1/" }, { "reference_url": "https://usn.ubuntu.com/927-1/", "reference_id": "USN-927-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-1/" }, { "reference_url": "https://usn.ubuntu.com/927-4/", "reference_id": "USN-927-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-4/" }, { "reference_url": "https://usn.ubuntu.com/927-6/", "reference_id": "USN-927-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/927-6/" }, { "reference_url": "https://usn.ubuntu.com/990-1/", "reference_id": "USN-990-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/990-1/" }, { "reference_url": "https://usn.ubuntu.com/990-2/", "reference_id": "USN-990-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/990-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931948?format=api", "purl": "pkg:deb/debian/nginx@0.7.64-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.64-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3555", "GHSA-f7w7-6pjc-wwm6", "VU#120541" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jau7-gfz8-dkfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/23?format=api", "vulnerability_id": "VCID-jtgk-h6v6-2fgs", "summary": "Use-after-free during CNAME response processing in resolver", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html" }, { "reference_url": "http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0746.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14006", "scoring_system": "epss", "scoring_elements": "0.94336", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14006", "scoring_system": "epss", "scoring_elements": "0.94296", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14006", "scoring_system": "epss", "scoring_elements": "0.94317", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14006", "scoring_system": "epss", "scoring_elements": "0.94326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14006", "scoring_system": "epss", "scoring_elements": "0.94331", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14006", "scoring_system": "epss", "scoring_elements": "0.94335", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.14006", "scoring_system": "epss", "scoring_elements": "0.94305", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14006", "scoring_system": "epss", "scoring_elements": "0.94316", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0746" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/36", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2021/Sep/36" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html" }, { "reference_url": "https://support.apple.com/kb/HT212818", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT212818" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3473", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3473" }, { "reference_url": "http://www.securitytracker.com/id/1034869", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034869" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2892-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2892-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302588", "reference_id": "1302588", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302588" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806", "reference_id": "812806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0746", "reference_id": "CVE-2016-0746", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0746" }, { "reference_url": "https://security.gentoo.org/glsa/201606-06", "reference_id": "GLSA-201606-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201606-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1425", "reference_id": "RHSA-2016:1425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1425" }, { "reference_url": "https://usn.ubuntu.com/2892-1/", "reference_id": "USN-2892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2892-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931963?format=api", "purl": "pkg:deb/debian/nginx@1.9.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.10-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0746" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jtgk-h6v6-2fgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1?format=api", "vulnerability_id": "VCID-k9vm-jbxf-dbf8", "summary": "Stack overflow and use-after-free in HTTP/3", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31079.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31079.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31079", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65228", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65256", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65268", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.6525", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65238", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65197", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65222", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31079" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283940", "reference_id": "2283940", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283940" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/30/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/30/4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31079", "reference_id": "CVE-2024-31079", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31079" }, { "reference_url": "https://my.f5.com/manage/s/article/K000139611", "reference_id": "K000139611", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/" } ], "url": "https://my.f5.com/manage/s/article/K000139611" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/", "reference_id": "MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/", "reference_id": "R7RPLWC35WHEUFCGKNFG62ESNID25TEZ", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931980?format=api", "purl": "pkg:deb/debian/nginx@1.26.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-31079" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k9vm-jbxf-dbf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48?format=api", "vulnerability_id": "VCID-kcsp-h1s5-wbea", "summary": "Excessive memory usage in HTTP/2 with zero length headers", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9516.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9516.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9516", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02173", "scoring_system": "epss", "scoring_elements": "0.8426", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02173", "scoring_system": "epss", "scoring_elements": "0.84326", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02173", "scoring_system": "epss", "scoring_elements": "0.84314", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02173", "scoring_system": "epss", "scoring_elements": "0.84319", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02173", "scoring_system": "epss", "scoring_elements": "0.84337", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02173", "scoring_system": "epss", "scoring_elements": "0.8433", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02173", "scoring_system": "epss", "scoring_elements": "0.84272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02173", "scoring_system": "epss", "scoring_elements": "0.84291", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02173", "scoring_system": "epss", "scoring_elements": "0.84292", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9516" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741864", "reference_id": "1741864", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741864" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037", "reference_id": "935037", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037" }, { "reference_url": "https://security.archlinux.org/ASA-201908-12", "reference_id": "ASA-201908-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-12" }, { "reference_url": "https://security.archlinux.org/ASA-201908-13", "reference_id": "ASA-201908-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-13" }, { "reference_url": "https://security.archlinux.org/AVG-1022", "reference_id": "AVG-1022", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1022" }, { "reference_url": "https://security.archlinux.org/AVG-1023", "reference_id": "AVG-1023", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1023" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516", "reference_id": "CVE-2019-9516", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2745", "reference_id": "RHSA-2019:2745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2746", "reference_id": "RHSA-2019:2746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2775", "reference_id": "RHSA-2019:2775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2799", "reference_id": "RHSA-2019:2799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2946", "reference_id": "RHSA-2019:2946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2950", "reference_id": "RHSA-2019:2950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3932", "reference_id": "RHSA-2019:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3933", "reference_id": "RHSA-2019:3933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3935", "reference_id": "RHSA-2019:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0922", "reference_id": "RHSA-2020:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0983", "reference_id": "RHSA-2020:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1445", "reference_id": "RHSA-2020:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1445" }, { "reference_url": "https://usn.ubuntu.com/4099-1/", "reference_id": "USN-4099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4099-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931970?format=api", "purl": "pkg:deb/debian/nginx@1.14.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9516" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kcsp-h1s5-wbea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24?format=api", "vulnerability_id": "VCID-ktxc-d5t4-bkhg", "summary": "Buffer overflow in resolver", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4315", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02811", "scoring_system": "epss", "scoring_elements": "0.8607", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02811", "scoring_system": "epss", "scoring_elements": "0.8608", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02811", "scoring_system": "epss", "scoring_elements": "0.86096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02811", "scoring_system": "epss", "scoring_elements": "0.86114", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02811", "scoring_system": "epss", "scoring_elements": "0.86126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02811", "scoring_system": "epss", "scoring_elements": "0.8614", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02811", "scoring_system": "epss", "scoring_elements": "0.86139", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02811", "scoring_system": "epss", "scoring_elements": "0.86135", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4315" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4315", "reference_id": "CVE-2011-4315", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4315" }, { "reference_url": "https://security.gentoo.org/glsa/201203-22", "reference_id": "GLSA-201203-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-22" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931952?format=api", "purl": "pkg:deb/debian/nginx@1.1.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.1.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4315" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ktxc-d5t4-bkhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3?format=api", "vulnerability_id": "VCID-m1y8-m8z6-kyg9", "summary": "SPDY heap buffer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0133.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0133.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20913", "scoring_system": "epss", "scoring_elements": "0.95596", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.20913", "scoring_system": "epss", "scoring_elements": "0.95605", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.20913", "scoring_system": "epss", "scoring_elements": "0.9561", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.20913", "scoring_system": "epss", "scoring_elements": "0.95612", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.20913", "scoring_system": "epss", "scoring_elements": "0.95621", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.20913", "scoring_system": "epss", "scoring_elements": "0.95624", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.20913", "scoring_system": "epss", "scoring_elements": "0.95629", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.20913", "scoring_system": "epss", "scoring_elements": "0.95631", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0133" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0133", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0133" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html" }, { "reference_url": "https://nginx.org/download/patch.2014.spdy2.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2014.spdy2.txt" }, { "reference_url": "https://nginx.org/download/patch.2014.spdy2.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2014.spdy2.txt.asc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077988", "reference_id": "1077988", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077988" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742059", "reference_id": "742059", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742059" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0133", "reference_id": "CVE-2014-0133", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0133" }, { "reference_url": "https://security.gentoo.org/glsa/201406-20", "reference_id": "GLSA-201406-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931960?format=api", "purl": "pkg:deb/debian/nginx@1.4.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.4.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0133" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m1y8-m8z6-kyg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32?format=api", "vulnerability_id": "VCID-m393-anc8-dfgf", "summary": "Buffer overflow in the ngx_http_mp4_module", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2089", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05317", "scoring_system": "epss", "scoring_elements": "0.89995", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05317", "scoring_system": "epss", "scoring_elements": "0.89998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05317", "scoring_system": "epss", "scoring_elements": "0.9001", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05317", "scoring_system": "epss", "scoring_elements": "0.90015", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05317", "scoring_system": "epss", "scoring_elements": "0.90031", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05317", "scoring_system": "epss", "scoring_elements": "0.90037", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05317", "scoring_system": "epss", "scoring_elements": "0.90045", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05317", "scoring_system": "epss", "scoring_elements": "0.90044", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05317", "scoring_system": "epss", "scoring_elements": "0.90038", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2089" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2089", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2089" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2012/000080.html" }, { "reference_url": "https://nginx.org/download/patch.2012.mp4.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2012.mp4.txt" }, { "reference_url": "https://nginx.org/download/patch.2012.mp4.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2012.mp4.txt.asc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2089", "reference_id": "CVE-2012-2089", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2089" }, { "reference_url": "https://security.gentoo.org/glsa/201206-07", "reference_id": "GLSA-201206-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-07" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931955?format=api", "purl": "pkg:deb/debian/nginx@1.1.19-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.1.19-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-2089" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m393-anc8-dfgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39?format=api", "vulnerability_id": "VCID-mhdp-u59y-2kgw", "summary": "Buffer underflow vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2629.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2629.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.781", "scoring_system": "epss", "scoring_elements": "0.99012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.781", "scoring_system": "epss", "scoring_elements": "0.99015", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.781", "scoring_system": "epss", "scoring_elements": "0.99017", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.781", "scoring_system": "epss", "scoring_elements": "0.99011", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.781", "scoring_system": "epss", "scoring_elements": "0.99014", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.80762", "scoring_system": "epss", "scoring_elements": "0.99135", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.80762", "scoring_system": "epss", "scoring_elements": "0.99134", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629" }, { "reference_url": "https://nginx.org/download/patch.180065.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.180065.txt" }, { "reference_url": "https://nginx.org/download/patch.180065.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.180065.txt.asc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=523105", "reference_id": "523105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=523105" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/14830.py", "reference_id": "CVE-2009-2629", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/14830.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2629", "reference_id": "CVE-2009-2629", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2629" }, { "reference_url": "https://security.gentoo.org/glsa/200909-18", "reference_id": "GLSA-200909-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-18" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931944?format=api", "purl": "pkg:deb/debian/nginx@0.7.61-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.61-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2629", "VU#180065" ], "risk_score": 1.4, "exploitability": "2.0", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhdp-u59y-2kgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21?format=api", "vulnerability_id": "VCID-n3pn-h7s7-nfd4", "summary": "Use-after-free in HTTP/3", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24990.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24990.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39902", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39879", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39934", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39958", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39922", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39929", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39956", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24990" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264298", "reference_id": "2264298", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264298" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/30/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:18:51Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/30/4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24990", "reference_id": "CVE-2024-24990", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24990" }, { "reference_url": "https://security.gentoo.org/glsa/202409-32", "reference_id": "GLSA-202409-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-32" }, { "reference_url": "https://my.f5.com/manage/s/article/K000138445", "reference_id": "K000138445", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:18:51Z/" } ], "url": "https://my.f5.com/manage/s/article/K000138445" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931979?format=api", "purl": "pkg:deb/debian/nginx@1.26.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-24990" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n3pn-h7s7-nfd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44?format=api", "vulnerability_id": "VCID-nckn-qkc8-t7ge", "summary": "Memory disclosure in the ngx_http_mp4_module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16845.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16845.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16845", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06332", "scoring_system": "epss", "scoring_elements": "0.90931", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06332", "scoring_system": "epss", "scoring_elements": "0.90982", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06332", "scoring_system": "epss", "scoring_elements": "0.90972", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06332", "scoring_system": "epss", "scoring_elements": "0.90981", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06332", "scoring_system": "epss", "scoring_elements": "0.90936", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06332", "scoring_system": "epss", "scoring_elements": "0.90945", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06332", "scoring_system": "epss", "scoring_elements": "0.90956", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06332", "scoring_system": "epss", "scoring_elements": "0.90966", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16845" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html" }, { "reference_url": "https://nginx.org/download/patch.2018.mp4.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2018.mp4.txt" }, { "reference_url": "https://nginx.org/download/patch.2018.mp4.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2018.mp4.txt.asc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644508", "reference_id": "1644508", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644508" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090", "reference_id": "913090", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913090" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16845", "reference_id": "CVE-2018-16845", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3652", "reference_id": "RHSA-2018:3652", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3652" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3653", "reference_id": "RHSA-2018:3653", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3653" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3680", "reference_id": "RHSA-2018:3680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3681", "reference_id": "RHSA-2018:3681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3681" }, { "reference_url": "https://usn.ubuntu.com/3812-1/", "reference_id": "USN-3812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931968?format=api", "purl": "pkg:deb/debian/nginx@1.14.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.14.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16845" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nckn-qkc8-t7ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46?format=api", "vulnerability_id": "VCID-p1nx-cfx1-jqh3", "summary": "SPDY memory corruption", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0088.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0088.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0088", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02642", "scoring_system": "epss", "scoring_elements": "0.85643", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02642", "scoring_system": "epss", "scoring_elements": "0.85655", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02642", "scoring_system": "epss", "scoring_elements": "0.85673", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02642", "scoring_system": "epss", "scoring_elements": "0.8568", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02642", "scoring_system": "epss", "scoring_elements": "0.85699", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02642", "scoring_system": "epss", "scoring_elements": "0.8571", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02642", "scoring_system": "epss", "scoring_elements": "0.85725", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02642", "scoring_system": "epss", "scoring_elements": "0.85721", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02642", "scoring_system": "epss", "scoring_elements": "0.85718", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0088" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html" }, { "reference_url": "https://nginx.org/download/patch.2014.spdy.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2014.spdy.txt" }, { "reference_url": "https://nginx.org/download/patch.2014.spdy.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2014.spdy.txt.asc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072546", "reference_id": "1072546", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072546" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0088", "reference_id": "CVE-2014-0088", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0088" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0088" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p1nx-cfx1-jqh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59738?format=api", "vulnerability_id": "VCID-p933-hxvk-37bk", "summary": "Gentoo's NGINX ebuilds are vulnerable to privilege escalation due\n to the way log files are handled.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1247.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1247", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0983", "scoring_system": "epss", "scoring_elements": "0.92947", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0983", "scoring_system": "epss", "scoring_elements": "0.92976", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0983", "scoring_system": "epss", "scoring_elements": "0.92972", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0983", "scoring_system": "epss", "scoring_elements": "0.92977", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0983", "scoring_system": "epss", "scoring_elements": "0.92975", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0983", "scoring_system": "epss", "scoring_elements": "0.92956", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0983", "scoring_system": "epss", "scoring_elements": "0.92961", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0983", "scoring_system": "epss", "scoring_elements": "0.9296", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0983", "scoring_system": "epss", "scoring_elements": "0.92968", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1247" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:S/C:C/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1390182", "reference_id": "1390182", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1390182" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295", "reference_id": "842295", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842295" }, { "reference_url": "https://security.archlinux.org/ASA-201701-23", "reference_id": "ASA-201701-23", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-23" }, { "reference_url": "https://security.archlinux.org/ASA-201701-24", "reference_id": "ASA-201701-24", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-24" }, { "reference_url": "https://security.archlinux.org/AVG-138", "reference_id": "AVG-138", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-138" }, { "reference_url": "https://security.archlinux.org/AVG-139", "reference_id": "AVG-139", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-139" }, { "reference_url": "http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html", "reference_id": "CVE-2016-1247", "reference_type": "exploit", "scores": [], "url": "http://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh", "reference_id": "CVE-2016-1247", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40768.sh" }, { "reference_url": "https://security.gentoo.org/glsa/201701-22", "reference_id": "GLSA-201701-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-22" }, { "reference_url": "https://usn.ubuntu.com/3114-1/", "reference_id": "USN-3114-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3114-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931964?format=api", "purl": "pkg:deb/debian/nginx@1.10.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1247" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p933-hxvk-37bk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36?format=api", "vulnerability_id": "VCID-pchd-6b6f-myds", "summary": "Memory disclosure in HTTP/3", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34161.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34161.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72456", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72466", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72484", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72461", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72448", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.7241", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72415", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72433", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34161" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283926", "reference_id": "2283926", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283926" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/30/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/30/4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34161", "reference_id": "CVE-2024-34161", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34161" }, { "reference_url": "https://my.f5.com/manage/s/article/K000139627", "reference_id": "K000139627", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/" } ], "url": "https://my.f5.com/manage/s/article/K000139627" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/", "reference_id": "MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/", "reference_id": "R7RPLWC35WHEUFCGKNFG62ESNID25TEZ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931980?format=api", "purl": "pkg:deb/debian/nginx@1.26.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-34161" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pchd-6b6f-myds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33?format=api", "vulnerability_id": "VCID-pmrf-dxst-p7a7", "summary": "Request line parsing vulnerability", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.90921", "scoring_system": "epss", "scoring_elements": "0.9963", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.90921", "scoring_system": "epss", "scoring_elements": "0.99629", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.90921", "scoring_system": "epss", "scoring_elements": "0.99632", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.90921", "scoring_system": "epss", "scoring_elements": "0.99633", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html" }, { "reference_url": "https://nginx.org/download/patch.2013.space.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2013.space.txt" }, { "reference_url": "https://nginx.org/download/patch.2013.space.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2013.space.txt.asc" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012", "reference_id": "730012", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730012" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4547", "reference_id": "CVE-2013-4547", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4547" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/38846.txt", "reference_id": "CVE-2013-4547;OSVDB-100015", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/38846.txt" }, { "reference_url": "https://www.securityfocus.com/bid/63814/info", "reference_id": "CVE-2013-4547;OSVDB-100015", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/63814/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931959?format=api", "purl": "pkg:deb/debian/nginx@1.4.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.4.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-4547" ], "risk_score": 7.0, "exploitability": "2.0", "weighted_severity": "3.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmrf-dxst-p7a7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28?format=api", "vulnerability_id": "VCID-pq29-p7wp-bqe3", "summary": "NULL pointer dereference in HTTP/3", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35200.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35200.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-35200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62807", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.6283", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62841", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62823", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62806", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62755", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62761", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62791", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-35200" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283919", "reference_id": "2283919", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283919" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/30/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/30/4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35200", "reference_id": "CVE-2024-35200", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35200" }, { "reference_url": "https://my.f5.com/manage/s/article/K000139612", "reference_id": "K000139612", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/" } ], "url": "https://my.f5.com/manage/s/article/K000139612" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/", "reference_id": "MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/", "reference_id": "R7RPLWC35WHEUFCGKNFG62ESNID25TEZ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931980?format=api", "purl": "pkg:deb/debian/nginx@1.26.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-35200" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pq29-p7wp-bqe3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92358?format=api", "vulnerability_id": "VCID-qpfs-f882-gqd3", "summary": "Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.", "references": [ { "reference_url": "http://code.google.com/p/naxsi/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://code.google.com/p/naxsi/" }, { "reference_url": "http://code.google.com/p/naxsi/source/detail?r=307", "reference_id": "", "reference_type": "", "scores": [], "url": "http://code.google.com/p/naxsi/source/detail?r=307" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3380", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37649", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37549", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37731", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37756", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37633", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37685", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37698", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37712", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37677", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3380" }, { "reference_url": "http://secunia.com/advisories/49811", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/49811" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/07/05/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/07/05/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/07/06/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/07/06/3" }, { "reference_url": "http://www.osvdb.org/83617", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/83617" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wargio:naxsi:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:wargio:naxsi:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wargio:naxsi:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3380", "reference_id": "CVE-2012-3380", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3380" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931956?format=api", "purl": "pkg:deb/debian/nginx@1.2.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.2.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-3380" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qpfs-f882-gqd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37?format=api", "vulnerability_id": "VCID-qzcz-zvv6-dyda", "summary": "Invalid pointer dereference in resolver", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html" }, { "reference_url": "http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mailman.nginx.org/pipermail/nginx/2016-January/049700.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0742.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.80364", "scoring_system": "epss", "scoring_elements": "0.99122", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.80364", "scoring_system": "epss", "scoring_elements": "0.99113", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.80364", "scoring_system": "epss", "scoring_elements": "0.99114", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.80364", "scoring_system": "epss", "scoring_elements": "0.99117", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.80364", "scoring_system": "epss", "scoring_elements": "0.9912", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.80364", "scoring_system": "epss", "scoring_elements": "0.99121", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0742" }, { "reference_url": "https://bto.bluecoat.com/security-advisory/sa115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bto.bluecoat.com/security-advisory/sa115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0747" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Sep/36", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2021/Sep/36" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html" }, { "reference_url": "https://support.apple.com/kb/HT212818", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT212818" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3473", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3473" }, { "reference_url": "http://www.securitytracker.com/id/1034869", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034869" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2892-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2892-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302587", "reference_id": "1302587", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302587" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806", "reference_id": "812806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812806" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0742", "reference_id": "CVE-2016-0742", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0742" }, { "reference_url": "https://security.gentoo.org/glsa/201606-06", "reference_id": "GLSA-201606-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201606-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1425", "reference_id": "RHSA-2016:1425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1425" }, { "reference_url": "https://usn.ubuntu.com/2892-1/", "reference_id": "USN-2892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2892-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931963?format=api", "purl": "pkg:deb/debian/nginx@1.9.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.9.10-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0742" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qzcz-zvv6-dyda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27?format=api", "vulnerability_id": "VCID-r6yw-nrv5-aycy", "summary": "Vulnerabilities with Windows file default stream", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.44217", "scoring_system": "epss", "scoring_elements": "0.9755", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.44217", "scoring_system": "epss", "scoring_elements": "0.97526", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.44217", "scoring_system": "epss", "scoring_elements": "0.97532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.44217", "scoring_system": "epss", "scoring_elements": "0.97535", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.44217", "scoring_system": "epss", "scoring_elements": "0.97536", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.44217", "scoring_system": "epss", "scoring_elements": "0.97542", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.44217", "scoring_system": "epss", "scoring_elements": "0.97543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.44217", "scoring_system": "epss", "scoring_elements": "0.97546", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.44217", "scoring_system": "epss", "scoring_elements": "0.97549", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2263" }, { "reference_url": "http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html" }, { "reference_url": "http://www.exploit-db.com/exploits/13818", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/13818" }, { "reference_url": "http://www.exploit-db.com/exploits/13822", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/13822" }, { "reference_url": "http://www.securityfocus.com/bid/40760", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40760" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2263", "reference_id": "CVE-2010-2263", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2263" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt", "reference_id": "CVE-2010-2263;OSVDB-65531", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt", "reference_id": "CVE-2010-2266;CVE-2010-2263;OSVDB-65531;OSVDB-65530", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-2263" ], "risk_score": 9.0, "exploitability": "2.0", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r6yw-nrv5-aycy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10?format=api", "vulnerability_id": "VCID-rsr7-p977-tycc", "summary": "NULL pointer dereference while writing client request body", "references": [ { "reference_url": "http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4450.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04016", "scoring_system": "epss", "scoring_elements": "0.88453", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04016", "scoring_system": "epss", "scoring_elements": "0.88405", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04016", "scoring_system": "epss", "scoring_elements": "0.88445", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04016", "scoring_system": "epss", "scoring_elements": "0.88451", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04016", "scoring_system": "epss", "scoring_elements": "0.88462", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04016", "scoring_system": "epss", "scoring_elements": "0.88454", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04016", "scoring_system": "epss", "scoring_elements": "0.88414", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04016", "scoring_system": "epss", "scoring_elements": "0.88422", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04016", "scoring_system": "epss", "scoring_elements": "0.88426", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html" }, { "reference_url": "https://nginx.org/download/patch.2016.write2.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2016.write2.txt" }, { "reference_url": "https://nginx.org/download/patch.2016.write2.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2016.write2.txt.asc" }, { "reference_url": "https://nginx.org/download/patch.2016.write.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2016.write.txt" }, { "reference_url": "https://nginx.org/download/patch.2016.write.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2016.write.txt.asc" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3592", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3592" }, { "reference_url": "http://www.securityfocus.com/bid/90967", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90967" }, { "reference_url": "http://www.securitytracker.com/id/1036019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036019" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2991-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2991-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341462", "reference_id": "1341462", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341462" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825960", "reference_id": "825960", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825960" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.11.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:1.11.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:1.11.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4450", "reference_id": "CVE-2016-4450", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4450" }, { "reference_url": "https://security.gentoo.org/glsa/201606-06", "reference_id": "GLSA-201606-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201606-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1425", "reference_id": "RHSA-2016:1425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1425" }, { "reference_url": "https://usn.ubuntu.com/2991-1/", "reference_id": "USN-2991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931965?format=api", "purl": "pkg:deb/debian/nginx@1.10.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.10.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-4450" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rsr7-p977-tycc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20?format=api", "vulnerability_id": "VCID-saph-cq2z-ubga", "summary": "NULL pointer dereference in HTTP/3", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24989.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24989.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24989", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70708", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70656", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70701", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70717", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.7074", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70724", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.7066", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70678", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264290", "reference_id": "2264290", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264290" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/30/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:42:02Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/30/4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24989", "reference_id": "CVE-2024-24989", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24989" }, { "reference_url": "https://security.gentoo.org/glsa/202409-32", "reference_id": "GLSA-202409-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-32" }, { "reference_url": "https://my.f5.com/manage/s/article/K000138444", "reference_id": "K000138444", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:42:02Z/" } ], "url": "https://my.f5.com/manage/s/article/K000138444" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931979?format=api", "purl": "pkg:deb/debian/nginx@1.26.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-24989" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-saph-cq2z-ubga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30?format=api", "vulnerability_id": "VCID-su8w-6wa4-u3gp", "summary": "Vulnerabilities with invalid UTF-8 sequence on Windows", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07262", "scoring_system": "epss", "scoring_elements": "0.9164", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07262", "scoring_system": "epss", "scoring_elements": "0.91598", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07262", "scoring_system": "epss", "scoring_elements": "0.91605", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07262", "scoring_system": "epss", "scoring_elements": "0.91611", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07262", "scoring_system": "epss", "scoring_elements": "0.91619", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07262", "scoring_system": "epss", "scoring_elements": "0.91631", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07262", "scoring_system": "epss", "scoring_elements": "0.91638", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07262", "scoring_system": "epss", "scoring_elements": "0.91641", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07262", "scoring_system": "epss", "scoring_elements": "0.91643", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2266" }, { "reference_url": "http://www.exploit-db.com/exploits/13818/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/13818/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2266", "reference_id": "CVE-2010-2266", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2266" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-2266" ], "risk_score": 9.0, "exploitability": "2.0", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-su8w-6wa4-u3gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42?format=api", "vulnerability_id": "VCID-t6gs-g1cq-hqem", "summary": "Directory traversal vulnerability", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.77756", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.77762", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.77789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.77773", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.778", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.77805", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.77831", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.77815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.77814", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557389", "reference_id": "557389", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557389" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3898", "reference_id": "CVE-2009-3898", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3898" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/9829.txt", "reference_id": "CVE-2009-3898;OSVDB-58328", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/9829.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201203-22", "reference_id": "GLSA-201203-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-22" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931950?format=api", "purl": "pkg:deb/debian/nginx@0.7.63-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0.7.63-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3898" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t6gs-g1cq-hqem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13?format=api", "vulnerability_id": "VCID-u25m-v3f6-23dk", "summary": "Memory disclosure with specially crafted HTTP backend responses", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html" }, { "reference_url": "http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html" }, { "reference_url": "http://nginx.org/download/patch.2013.proxy.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://nginx.org/download/patch.2013.proxy.txt" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2070", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04601", "scoring_system": "epss", "scoring_elements": "0.89248", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04601", "scoring_system": "epss", "scoring_elements": "0.892", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04601", "scoring_system": "epss", "scoring_elements": "0.89245", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04601", "scoring_system": "epss", "scoring_elements": "0.89255", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04601", "scoring_system": "epss", "scoring_elements": "0.89251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04601", "scoring_system": "epss", "scoring_elements": "0.89206", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04601", "scoring_system": "epss", "scoring_elements": "0.8922", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04601", "scoring_system": "epss", "scoring_elements": "0.89222", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04601", "scoring_system": "epss", "scoring_elements": "0.8924", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2070" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=962525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=962525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070" }, { "reference_url": "http://seclists.org/oss-sec/2013/q2/291", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2013/q2/291" }, { "reference_url": "http://secunia.com/advisories/55181", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/55181" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201310-04.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201310-04.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84172" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html" }, { "reference_url": "https://nginx.org/download/patch.2013.chunked.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2013.chunked.txt" }, { "reference_url": "https://nginx.org/download/patch.2013.chunked.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2013.chunked.txt.asc" }, { "reference_url": "https://nginx.org/download/patch.2013.proxy.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2013.proxy.txt" }, { "reference_url": "https://nginx.org/download/patch.2013.proxy.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2013.proxy.txt.asc" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2721", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2721" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/05/13/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/05/13/3" }, { "reference_url": "http://www.securityfocus.com/bid/59824", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/59824" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164", "reference_id": "708164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708164" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2070", "reference_id": "CVE-2013-2070", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2070" }, { "reference_url": "https://security.gentoo.org/glsa/201310-04", "reference_id": "GLSA-201310-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931958?format=api", "purl": "pkg:deb/debian/nginx@1.4.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.4.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2070" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u25m-v3f6-23dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80226?format=api", "vulnerability_id": "VCID-u8aq-2qhu-gff5", "summary": "ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69833", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69896", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69886", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69902", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.6991", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69845", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.6986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69837", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975623", "reference_id": "1975623", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975623" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328", "reference_id": "991328", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329", "reference_id": "991329", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331", "reference_id": "991331", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331" }, { "reference_url": "https://security.archlinux.org/AVG-2101", "reference_id": "AVG-2101", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2101" }, { "reference_url": "https://security.archlinux.org/AVG-2102", "reference_id": "AVG-2102", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2102" }, { "reference_url": "https://security.archlinux.org/AVG-2103", "reference_id": "AVG-2103", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2103" }, { "reference_url": "https://usn.ubuntu.com/5371-1/", "reference_id": "USN-5371-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5371-1/" }, { "reference_url": "https://usn.ubuntu.com/5371-2/", "reference_id": "USN-5371-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5371-2/" }, { "reference_url": "https://usn.ubuntu.com/6379-1/", "reference_id": "USN-6379-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6379-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931976?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931975?format=api", "purl": "pkg:deb/debian/nginx@1.20.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.20.2-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-3618" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8aq-2qhu-gff5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/221783?format=api", "vulnerability_id": "VCID-w6nj-1hnj-kbf6", "summary": "When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39792", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80177", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80181", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.802", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80185", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80136", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80156", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80144", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01364", "scoring_system": "epss", "scoring_elements": "0.80173", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39792" }, { "reference_url": "https://my.f5.com/manage/s/article/K000140108", "reference_id": "K000140108", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-15T13:59:03Z/" } ], "url": "https://my.f5.com/manage/s/article/K000140108" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931951?format=api", "purl": "pkg:deb/debian/nginx@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-39792" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6nj-1hnj-kbf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22?format=api", "vulnerability_id": "VCID-wc3j-5xmu-kyex", "summary": "Memory disclosure in the ngx_http_mp4_module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41742.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41742.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.27047", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2701", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26855", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26912", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26956", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26953", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26906", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26837", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41742" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2022/RBRRON6PYBJJM2XIAPQBFBVLR4Q6IHRA.html" }, { "reference_url": "https://nginx.org/download/patch.2022.mp4.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2022.mp4.txt" }, { "reference_url": "https://nginx.org/download/patch.2022.mp4.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2022.mp4.txt.asc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141496", "reference_id": "2141496", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141496" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/", "reference_id": "BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPRVYA4FS34VWB4FEFYNAD7Z2LFCJVEI/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41742", "reference_id": "CVE-2022-41742", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41742" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5281", "reference_id": "dsa-5281", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5281" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/", "reference_id": "FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FD6M3PVVKO35WLAA7GLDBS6TEQ26SM64/" }, { "reference_url": "https://support.f5.com/csp/article/K28112382", "reference_id": "K28112382", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/" } ], "url": "https://support.f5.com/csp/article/K28112382" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html", "reference_id": "msg00031.html", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230120-0005/", "reference_id": "ntap-20230120-0005", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230120-0005/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7402", "reference_id": "RHSA-2025:7402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7546", "reference_id": "RHSA-2025:7546", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7619", "reference_id": "RHSA-2025:7619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7619" }, { "reference_url": "https://usn.ubuntu.com/5722-1/", "reference_id": "USN-5722-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5722-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/", "reference_id": "WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T18:11:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WBORRVG7VVXYOAIAD64ZHES2U2VIUKFQ/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931977?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-41742" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wc3j-5xmu-kyex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31?format=api", "vulnerability_id": "VCID-wsxq-wqqr-n3ey", "summary": "Memory disclosure with specially crafted backend responses", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03062", "scoring_system": "epss", "scoring_elements": "0.86659", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03062", "scoring_system": "epss", "scoring_elements": "0.86669", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03062", "scoring_system": "epss", "scoring_elements": "0.86688", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03062", "scoring_system": "epss", "scoring_elements": "0.86687", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03062", "scoring_system": "epss", "scoring_elements": "0.86706", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03062", "scoring_system": "epss", "scoring_elements": "0.86716", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03062", "scoring_system": "epss", "scoring_elements": "0.86729", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03062", "scoring_system": "epss", "scoring_elements": "0.86727", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03062", "scoring_system": "epss", "scoring_elements": "0.8672", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1180" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2012/000076.html" }, { "reference_url": "https://nginx.org/download/patch.2012.memory.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2012.memory.txt" }, { "reference_url": "https://nginx.org/download/patch.2012.memory.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nginx.org/download/patch.2012.memory.txt.asc" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664137", "reference_id": "664137", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664137" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1180", "reference_id": "CVE-2012-1180", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1180" }, { "reference_url": "https://security.gentoo.org/glsa/201203-22", "reference_id": "GLSA-201203-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-22" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931954?format=api", "purl": "pkg:deb/debian/nginx@1.1.17-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.1.17-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-1180" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wsxq-wqqr-n3ey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17?format=api", "vulnerability_id": "VCID-x8ck-rceh-ukdw", "summary": "SSL session reuse vulnerability", "references": [ { "reference_url": "http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3616.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3616.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02435", "scoring_system": "epss", "scoring_elements": "0.85161", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02435", "scoring_system": "epss", "scoring_elements": "0.8509", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02435", "scoring_system": "epss", "scoring_elements": "0.85167", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02435", "scoring_system": "epss", "scoring_elements": "0.85165", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02435", "scoring_system": "epss", "scoring_elements": "0.85103", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02435", "scoring_system": "epss", "scoring_elements": "0.8512", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02435", "scoring_system": "epss", "scoring_elements": "0.85124", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02435", "scoring_system": "epss", "scoring_elements": "0.85145", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02435", "scoring_system": "epss", "scoring_elements": "0.85153", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "medium", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3029", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3029" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1142573", "reference_id": "1142573", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1142573" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761940", "reference_id": "761940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=761940" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3616", "reference_id": "CVE-2014-3616", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3616" }, { "reference_url": "https://security.gentoo.org/glsa/201502-06", "reference_id": "GLSA-201502-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-06" }, { "reference_url": "https://usn.ubuntu.com/2351-1/", "reference_id": "USN-2351-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2351-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931962?format=api", "purl": "pkg:deb/debian/nginx@1.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.6.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3616" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8ck-rceh-ukdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94585?format=api", "vulnerability_id": "VCID-y3tg-7fge-1yfy", "summary": "ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36309", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.61963", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62034", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62065", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62084", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62102", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62122", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62111", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.6209", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36309" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986787", "reference_id": "986787", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986787" }, { "reference_url": "https://usn.ubuntu.com/5371-1/", "reference_id": "USN-5371-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5371-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931973?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931972?format=api", "purl": "pkg:deb/debian/nginx@1.22.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-36309" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y3tg-7fge-1yfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83977?format=api", "vulnerability_id": "VCID-yu2j-f4q9-bbcx", "summary": "nginx: buffer overflow in ngx_gmtime() triggered by 5 digit years", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-20005.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-20005.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-20005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87118", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87065", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87075", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87094", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87087", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87108", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87115", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87128", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87123", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-20005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20005" }, { "reference_url": "https://github.com/nginx/nginx/commit/0206ebe76f748bb39d9de4dd4b3fce777fdfdccf", "reference_id": "0206ebe76f748bb39d9de4dd4b3fce777fdfdccf", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/" } ], "url": "https://github.com/nginx/nginx/commit/0206ebe76f748bb39d9de4dd4b3fce777fdfdccf" }, { "reference_url": "https://trac.nginx.org/nginx/ticket/1368", "reference_id": "1368", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/" } ], "url": "https://trac.nginx.org/nginx/ticket/1368" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974192", "reference_id": "1974192", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974192" }, { "reference_url": "https://github.com/nginx/nginx/commit/b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b", "reference_id": "b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/" } ], "url": "https://github.com/nginx/nginx/commit/b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b" }, { "reference_url": "http://nginx.org/en/CHANGES", "reference_id": "CHANGES", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/" } ], "url": "http://nginx.org/en/CHANGES" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00009.html", "reference_id": "msg00009.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210805-0006/", "reference_id": "ntap-20210805-0006", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-04T13:25:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210805-0006/" }, { "reference_url": "https://usn.ubuntu.com/5109-1/", "reference_id": "USN-5109-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5109-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/931966?format=api", "purl": "pkg:deb/debian/nginx@1.13.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.13.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931945?format=api", "purl": "pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-d1c6-dt2p-9kaa" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-hemy-pnpj-sfg3" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931943?format=api", "purl": "pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-5781-s1ny-q7ey" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931947?format=api", "purl": "pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cu7-pyw5-t3dm" }, { "vulnerability": "VCID-3czf-dtzg-8kdm" }, { "vulnerability": "VCID-fmvd-vyt7-mkfk" }, { "vulnerability": "VCID-kpjx-rrjs-subs" }, { "vulnerability": "VCID-sxf9-qr1j-u3et" }, { "vulnerability": "VCID-z3xb-4krg-rbae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/931946?format=api", "purl": "pkg:deb/debian/nginx@1.28.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-20005" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yu2j-f4q9-bbcx" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie" }