Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/93355?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/93355?format=api", "purl": "pkg:rpm/redhat/bluez@5.72-2?arch=el9", "type": "rpm", "namespace": "redhat", "name": "bluez", "version": "5.72-2", "qualifiers": { "arch": "el9" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76475?format=api", "vulnerability_id": "VCID-1d6b-y23m-dqgf", "summary": "bluez: phone book access profile heap-based buffer overflow remote code execution vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50230.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50230.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50230", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87708", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87785", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87766", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87765", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87764", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87781", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87788", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87719", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87721", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87743", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87749", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87759", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87753", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87752", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50230" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50230" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278972", "reference_id": "2278972", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278972" }, { "reference_url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443", "reference_id": "5ab5352531a9cc7058cce569607f3a6831464443", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-03T20:56:16Z/" } ], "url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9413", "reference_id": "RHSA-2024:9413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9413" }, { "reference_url": "https://usn.ubuntu.com/7222-1/", "reference_id": "USN-7222-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7222-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1812/", "reference_id": "ZDI-23-1812", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-03T20:56:16Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1812/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-50230" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1d6b-y23m-dqgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76472?format=api", "vulnerability_id": "VCID-2zvr-61xy-mube", "summary": "bluez: audio profile avrcp parse_media_element out-of-bounds read information disclosure vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51589.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51589.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51589", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12232", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11972", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12125", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12106", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12073", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12277", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12075", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12156", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12207", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12216", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12179", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12144", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12014", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1201", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51589" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51589", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51589" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081912", "reference_id": "1081912", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081912" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278965", "reference_id": "2278965", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9413", "reference_id": "RHSA-2024:9413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4043", "reference_id": "RHSA-2025:4043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4043" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1904/", "reference_id": "ZDI-23-1904", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T14:26:53Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1904/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-51589" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2zvr-61xy-mube" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33660?format=api", "vulnerability_id": "VCID-72rt-6t6r-87a8", "summary": "Multiple vulnerabilities have been discovered in Bluez, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45866.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45866.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-45866", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.96967", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.96971", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.96973", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.96982", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.96983", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.96985", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.96986", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.96987", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.96996", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.96999", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.34352", "scoring_system": "epss", "scoring_elements": "0.97001", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.34916", "scoring_system": "epss", "scoring_elements": "0.97043", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.34916", "scoring_system": "epss", "scoring_elements": "0.9704", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.34916", "scoring_system": "epss", "scoring_elements": "0.97042", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-45866" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45866", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45866" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057914", "reference_id": "1057914", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057914" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253391", "reference_id": "2253391", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253391" }, { "reference_url": "https://security.gentoo.org/glsa/202401-03", "reference_id": "GLSA-202401-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202401-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11154", "reference_id": "RHSA-2024:11154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9413", "reference_id": "RHSA-2024:9413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9413" }, { "reference_url": "https://usn.ubuntu.com/6540-1/", "reference_id": "USN-6540-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6540-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-45866" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-72rt-6t6r-87a8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76473?format=api", "vulnerability_id": "VCID-c954-9p73-jydq", "summary": "bluez: avrcp_parse_attribute_list out-of-bounds read information disclosure vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51580.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51580.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51580", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13411", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13154", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13277", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13284", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13257", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13477", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13272", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13356", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13406", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13376", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.1334", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13292", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13196", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51580" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51580", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51580" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081911", "reference_id": "1081911", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1081911" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278967", "reference_id": "2278967", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9413", "reference_id": "RHSA-2024:9413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9413" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1903/", "reference_id": "ZDI-23-1903", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-03T16:03:03Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1903/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-51580" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c954-9p73-jydq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76459?format=api", "vulnerability_id": "VCID-ew7j-44c4-p3ft", "summary": "bluez: phone book access profile heap-based buffer overflow remote code execution vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51596.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51596.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51596", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86075", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86174", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86152", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86143", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86164", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86091", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86109", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.8612", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86135", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86133", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86129", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02808", "scoring_system": "epss", "scoring_elements": "0.86147", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51596" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51596", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51596" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074419", "reference_id": "1074419", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074419" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278945", "reference_id": "2278945", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9413", "reference_id": "RHSA-2024:9413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9413" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1902/", "reference_id": "ZDI-23-1902", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T19:27:08Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1902/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-51596" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ew7j-44c4-p3ft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76443?format=api", "vulnerability_id": "VCID-jpsm-jcx3-7qbn", "summary": "BlueZ: Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27349.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86558", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86647", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86616", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86609", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86622", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86628", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86621", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86639", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86648", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86577", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86596", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.86606", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03017", "scoring_system": "epss", "scoring_elements": "0.8662", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27349" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278787", "reference_id": "2278787", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278787" }, { "reference_url": "https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=f54299a850676d92c3dafd83e9174fcfe420ccc9", "reference_id": "?id=f54299a850676d92c3dafd83e9174fcfe420ccc9", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T17:38:51Z/" } ], "url": "https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=f54299a850676d92c3dafd83e9174fcfe420ccc9" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T17:38:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00015.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9413", "reference_id": "RHSA-2024:9413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4043", "reference_id": "RHSA-2025:4043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4043" }, { "reference_url": "https://usn.ubuntu.com/6809-1/", "reference_id": "USN-6809-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6809-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-386/", "reference_id": "ZDI-23-386", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T17:38:51Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-386/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-27349" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jpsm-jcx3-7qbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76465?format=api", "vulnerability_id": "VCID-jxwc-w5as-aubc", "summary": "bluez: OBEX library out-of-bounds read information disclosure vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51594.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51594.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51594", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11519", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11262", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11431", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11375", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11331", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1157", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11358", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11442", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.115", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11511", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11478", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11449", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11309", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11308", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51594" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51594", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51594" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082870", "reference_id": "1082870", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082870" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278955", "reference_id": "2278955", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9413", "reference_id": "RHSA-2024:9413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9413" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1901/", "reference_id": "ZDI-23-1901", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-03T18:45:09Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1901/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-51594" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jxwc-w5as-aubc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76470?format=api", "vulnerability_id": "VCID-kdkp-3kbp-2yeh", "summary": "bluez: audio profile avrcp parse_media_folder out-of-bounds read information disclosure vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51592.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51592.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51592", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.084", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08354", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08458", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08424", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08388", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08452", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08445", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08462", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08457", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08438", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08315", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08298", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51592" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51592" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082869", "reference_id": "1082869", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082869" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278962", "reference_id": "2278962", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9413", "reference_id": "RHSA-2024:9413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9413" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1905/", "reference_id": "ZDI-23-1905", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-17T17:28:42Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1905/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-51592" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kdkp-3kbp-2yeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76476?format=api", "vulnerability_id": "VCID-mfyz-6q2s-wfgu", "summary": "bluez: phone book access profile heap-based buffer overflow remote code execution vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50229.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50229.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50229", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87708", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87785", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87766", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87765", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87764", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87781", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87788", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87719", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87721", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87743", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87749", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87759", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87753", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03586", "scoring_system": "epss", "scoring_elements": "0.87752", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50229" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278974", "reference_id": "2278974", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278974" }, { "reference_url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443", "reference_id": "5ab5352531a9cc7058cce569607f3a6831464443", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:55:35Z/" } ], "url": "https://github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9413", "reference_id": "RHSA-2024:9413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9413" }, { "reference_url": "https://usn.ubuntu.com/7222-1/", "reference_id": "USN-7222-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7222-1/" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1811/", "reference_id": "ZDI-23-1811", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:55:35Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1811/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-50229" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mfyz-6q2s-wfgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76474?format=api", "vulnerability_id": "VCID-ypuw-uqhj-v3hf", "summary": "bluez: AVRCP stack-based buffer overflow remote code execution vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44431.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44431.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-44431", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85191", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85301", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85271", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85294", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85302", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85209", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85211", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85233", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85241", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85255", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.85253", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.8525", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02464", "scoring_system": "epss", "scoring_elements": "0.8527", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-44431" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44431", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44431" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077687", "reference_id": "1077687", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077687" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278969", "reference_id": "2278969", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9413", "reference_id": "RHSA-2024:9413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9413" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1900/", "reference_id": "ZDI-23-1900", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-03T20:42:18Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1900/" } ], "fixed_packages": [], "aliases": [ "CVE-2023-44431" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ypuw-uqhj-v3hf" } ], "fixing_vulnerabilities": [], "risk_score": "3.2", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/bluez@5.72-2%3Farch=el9" }