Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/936192?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "type": "deb", "namespace": "debian", "name": "pypy3", "version": "0", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "7.3.3+dfsg-1", "latest_non_vulnerable_version": "7.3.20+dfsg-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31515?format=api", "vulnerability_id": "VCID-1hw3-vhwb-nkcd", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.719", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71811", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71785", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71824", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71835", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71859", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71842", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71867", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71871", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71854", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12718" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/127987", "reference_id": "127987", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/issues/127987" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013", "reference_id": "2370013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11386", "reference_id": "RHSA-2025:11386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-qwhz-912b-8kh5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936204?format=api", "purl": "pkg:deb/debian/pypy3@7.3.20%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.20%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936182?format=api", "purl": "pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-12718" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hw3-vhwb-nkcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31516?format=api", "vulnerability_id": "VCID-4afh-28ss-mudf", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50673", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50685", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50699", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50655", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5071", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50748", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50725", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5075", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50756", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50736", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4138" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426", "reference_id": "2372426", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11386", "reference_id": "RHSA-2025:11386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-qwhz-912b-8kh5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936204?format=api", "purl": "pkg:deb/debian/pypy3@7.3.20%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.20%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936182?format=api", "purl": "pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4138" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4afh-28ss-mudf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31519?format=api", "vulnerability_id": "VCID-5maz-1h1k-3qfj", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4516.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4516.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4516", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43354", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43274", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43381", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43319", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43371", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43386", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43406", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43374", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43359", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43418", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43407", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43341", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4516" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4516" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/pull/129648", "reference_id": "129648", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/" } ], "url": "https://github.com/python/cpython/pull/129648" }, { "reference_url": "https://github.com/python/cpython/issues/133767", "reference_id": "133767", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/" } ], "url": "https://github.com/python/cpython/issues/133767" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366509", "reference_id": "2366509", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366509" }, { "reference_url": "https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292", "reference_id": "4398b788ffc1f954a2c552da285477d42a571292", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/" } ], "url": "https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292" }, { "reference_url": "https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d", "reference_id": "6279eb8c076d89d3739a6edb393e43c7929b429d", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/" } ], "url": "https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d" }, { "reference_url": "https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142", "reference_id": "69b4387f78f413e8c47572a85b3478c47eba8142", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/" } ], "url": "https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142" }, { "reference_url": "https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f", "reference_id": "73b3040f592436385007918887b7e2132aa8431f", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/" } ], "url": "https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f" }, { "reference_url": "https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77", "reference_id": "8d35fd1b34935221aff23a1ab69a429dd156be77", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/" } ], "url": "https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77" }, { "reference_url": "https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e", "reference_id": "9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/" } ], "url": "https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e" }, { "reference_url": "https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b", "reference_id": "ab9893c40609935e0d40a6d2a7307ea51aec598b", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/" } ], "url": "https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/", "reference_id": "L75IPBBTSCYEF56I2M4KIW353BB3AY74", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://usn.ubuntu.com/7570-1/", "reference_id": "USN-7570-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7570-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-qwhz-912b-8kh5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936180?format=api", "purl": "pkg:deb/debian/pypy3@7.3.11%2Bdfsg-2%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hw3-vhwb-nkcd" }, { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-4afh-28ss-mudf" }, { "vulnerability": "VCID-757r-fs6p-qqdd" }, { "vulnerability": "VCID-7s7y-9bw5-m3ep" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-8zdt-4q7m-t7ht" }, { "vulnerability": "VCID-9nvp-aus1-9yed" }, { "vulnerability": "VCID-9sms-mhht-n3aq" }, { "vulnerability": "VCID-dnv8-yrd6-c7cv" }, { "vulnerability": "VCID-e6sb-bh7v-9ugg" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-q6g1-cjz3-77e4" }, { "vulnerability": "VCID-qwhz-912b-8kh5" }, { "vulnerability": "VCID-smck-sdx2-c7du" }, { "vulnerability": "VCID-v186-7sv1-ubej" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.11%252Bdfsg-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936183?format=api", "purl": "pkg:deb/debian/pypy3@7.3.19%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hw3-vhwb-nkcd" }, { "vulnerability": "VCID-4afh-28ss-mudf" }, { "vulnerability": "VCID-757r-fs6p-qqdd" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-8zdt-4q7m-t7ht" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-q6g1-cjz3-77e4" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.19%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936182?format=api", "purl": "pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4516" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5maz-1h1k-3qfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31521?format=api", "vulnerability_id": "VCID-757r-fs6p-qqdd", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53579", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53606", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53671", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53625", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53576", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60923", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60918", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60876", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60895", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60898", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60907", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4517" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016", "reference_id": "2370016", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11386", "reference_id": "RHSA-2025:11386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-qwhz-912b-8kh5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936204?format=api", "purl": "pkg:deb/debian/pypy3@7.3.20%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.20%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936182?format=api", "purl": "pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4517" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-757r-fs6p-qqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66416?format=api", "vulnerability_id": "VCID-8dtv-379a-wqfs", "summary": "cpython: Excessive read buffering DoS in http.client", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13836.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13836.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41585", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41411", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41539", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41589", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41599", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41621", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41587", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41574", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4162", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41594", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41518", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126783", "reference_id": "1126783", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126783" }, { "reference_url": "https://github.com/python/cpython/issues/119451", "reference_id": "119451", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/" } ], "url": "https://github.com/python/cpython/issues/119451" }, { "reference_url": "https://github.com/python/cpython/pull/119454", "reference_id": "119454", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/" } ], "url": "https://github.com/python/cpython/pull/119454" }, { "reference_url": "https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628", "reference_id": "14b1fdb0a94b96f86fc7b86671ea9582b8676628", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418078", "reference_id": "2418078", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418078" }, { "reference_url": "https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15", "reference_id": "289f29b0fe38baf2d7cb5854f4bb573cc34a6a15", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15" }, { "reference_url": "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155", "reference_id": "4ce27904b597c77d74dd93f2c912676021a99155", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155" }, { "reference_url": "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5", "reference_id": "5a4c4a033a4a54481be6870aa1896fad732555b5", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5" }, { "reference_url": "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0", "reference_id": "5dc101675fd22918facbbe0fecdc821502beaaf0", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0" }, { "reference_url": "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c", "reference_id": "afc40bdd3dd71f343fd9016f6d8eebbacbd6587c", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/", "reference_id": "OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1374", "reference_id": "RHSA-2026:1374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1408", "reference_id": "RHSA-2026:1408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1410", "reference_id": "RHSA-2026:1410", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1736", "reference_id": "RHSA-2026:1736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1828", "reference_id": "RHSA-2026:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1892", "reference_id": "RHSA-2026:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1893", "reference_id": "RHSA-2026:1893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1922", "reference_id": "RHSA-2026:1922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2084", "reference_id": "RHSA-2026:2084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2084" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2233", "reference_id": "RHSA-2026:2233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2419", "reference_id": "RHSA-2026:2419", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2419" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2563", "reference_id": "RHSA-2026:2563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3897", "reference_id": "RHSA-2026:3897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3900", "reference_id": "RHSA-2026:3900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443", "reference_id": "RHSA-2026:7443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661", "reference_id": "RHSA-2026:7661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8746", "reference_id": "RHSA-2026:8746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8747", "reference_id": "RHSA-2026:8747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8748", "reference_id": "RHSA-2026:8748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" }, { "reference_url": "https://usn.ubuntu.com/7951-1/", "reference_id": "USN-7951-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7951-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-qwhz-912b-8kh5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-13836" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8dtv-379a-wqfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31517?format=api", "vulnerability_id": "VCID-8zdt-4q7m-t7ht", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77068", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77192", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77097", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.7708", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77112", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77122", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77149", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77123", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77164", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77166", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77158", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4330" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370014", "reference_id": "2370014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370014" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-qwhz-912b-8kh5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936204?format=api", "purl": "pkg:deb/debian/pypy3@7.3.20%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.20%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936182?format=api", "purl": "pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4330" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8zdt-4q7m-t7ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31513?format=api", "vulnerability_id": "VCID-dnv8-yrd6-c7cv", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8088.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8088.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8088", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45799", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45924", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4593", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45876", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45869", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.459", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45853", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45875", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45825", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45877", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8088" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8088" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1", "reference_id": "0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1" }, { "reference_url": "https://github.com/python/cpython/issues/122905", "reference_id": "122905", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/issues/122905" }, { "reference_url": "https://github.com/python/cpython/pull/122906", "reference_id": "122906", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/pull/122906" }, { "reference_url": "https://github.com/python/cpython/issues/123270", "reference_id": "123270", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/issues/123270" }, { "reference_url": "https://github.com/python/cpython/commit/2231286d78d328c2f575e0b05b16fe447d1656d6", "reference_id": "2231286d78d328c2f575e0b05b16fe447d1656d6", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/2231286d78d328c2f575e0b05b16fe447d1656d6" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307370", "reference_id": "2307370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307370" }, { "reference_url": "https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e", "reference_id": "795f2597a4be988e2bb19b69ff9958e981cb894e", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e" }, { "reference_url": "https://github.com/python/cpython/commit/7bc367e464ce50b956dd232c1dfa1cad4e7fb814", "reference_id": "7bc367e464ce50b956dd232c1dfa1cad4e7fb814", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/7bc367e464ce50b956dd232c1dfa1cad4e7fb814" }, { "reference_url": "https://github.com/python/cpython/commit/7e8883a3f04d308302361aeffc73e0e9837f19d4", "reference_id": "7e8883a3f04d308302361aeffc73e0e9837f19d4", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/7e8883a3f04d308302361aeffc73e0e9837f19d4" }, { "reference_url": "https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64", "reference_id": "8c7348939d8a3ecd79d630075f6be1b0c5b41f64", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64" }, { "reference_url": "https://github.com/python/cpython/commit/95b073bddefa6243effa08e131e297c0383e7f6a", "reference_id": "95b073bddefa6243effa08e131e297c0383e7f6a", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/95b073bddefa6243effa08e131e297c0383e7f6a" }, { "reference_url": "https://github.com/python/cpython/commit/962055268ed4f2ca1d717bfc8b6385de50a23ab7", "reference_id": "962055268ed4f2ca1d717bfc8b6385de50a23ab7", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/962055268ed4f2ca1d717bfc8b6385de50a23ab7" }, { "reference_url": "https://github.com/python/cpython/commit/9cd03263100ddb1657826cc4a71470786cab3932", "reference_id": "9cd03263100ddb1657826cc4a71470786cab3932", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/9cd03263100ddb1657826cc4a71470786cab3932" }, { "reference_url": "https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea", "reference_id": "dcc5182f27c1500006a1ef78e10613bb45788dea", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea" }, { "reference_url": "https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db", "reference_id": "e0264a61119d551658d9445af38323ba94fc16db", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db" }, { "reference_url": "https://github.com/python/cpython/commit/fc0b8259e693caa8400fa8b6ac1e494e47ea7798", "reference_id": "fc0b8259e693caa8400fa8b6ac1e494e47ea7798", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/fc0b8259e693caa8400fa8b6ac1e494e47ea7798" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU/", "reference_id": "GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5962", "reference_id": "RHSA-2024:5962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6163", "reference_id": "RHSA-2024:6163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6961", "reference_id": "RHSA-2024:6961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6962", "reference_id": "RHSA-2024:6962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9190", "reference_id": "RHSA-2024:9190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9192", "reference_id": "RHSA-2024:9192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9371", "reference_id": "RHSA-2024:9371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9371" }, { "reference_url": "https://usn.ubuntu.com/7015-1/", "reference_id": "USN-7015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-qwhz-912b-8kh5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936203?format=api", "purl": "pkg:deb/debian/pypy3@7.3.18%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.18%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936183?format=api", "purl": "pkg:deb/debian/pypy3@7.3.19%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hw3-vhwb-nkcd" }, { "vulnerability": "VCID-4afh-28ss-mudf" }, { "vulnerability": "VCID-757r-fs6p-qqdd" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-8zdt-4q7m-t7ht" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-q6g1-cjz3-77e4" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.19%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936182?format=api", "purl": "pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-8088" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnv8-yrd6-c7cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69467?format=api", "vulnerability_id": "VCID-q6g1-cjz3-77e4", "summary": "cpython: Tarfile extracts filtered members when errorlevel=0", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67692", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67642", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67622", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67673", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67688", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67711", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67696", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67663", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67699", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67712", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4435" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370010", "reference_id": "2370010", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370010" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-qwhz-912b-8kh5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936204?format=api", "purl": "pkg:deb/debian/pypy3@7.3.20%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.20%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936182?format=api", "purl": "pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4435" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6g1-cjz3-77e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38889?format=api", "vulnerability_id": "VCID-z48d-eyxz-bycq", "summary": "Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83916", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.8389", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83891", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83805", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83845", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83851", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83868", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83862", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83857", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957458", "reference_id": "1957458", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957458" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195", "reference_id": "989195", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195" }, { "reference_url": "https://security.archlinux.org/AVG-1913", "reference_id": "AVG-1913", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4160", "reference_id": "RHSA-2021:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4162", "reference_id": "RHSA-2021:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4162" }, { "reference_url": "https://usn.ubuntu.com/4973-1/", "reference_id": "USN-4973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4973-1/" }, { "reference_url": "https://usn.ubuntu.com/4973-2/", "reference_id": "USN-4973-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4973-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-qwhz-912b-8kh5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936191?format=api", "purl": "pkg:deb/debian/pypy3@7.3.8%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936180?format=api", "purl": "pkg:deb/debian/pypy3@7.3.11%2Bdfsg-2%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hw3-vhwb-nkcd" }, { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-4afh-28ss-mudf" }, { "vulnerability": "VCID-757r-fs6p-qqdd" }, { "vulnerability": "VCID-7s7y-9bw5-m3ep" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-8zdt-4q7m-t7ht" }, { "vulnerability": "VCID-9nvp-aus1-9yed" }, { "vulnerability": "VCID-9sms-mhht-n3aq" }, { "vulnerability": "VCID-dnv8-yrd6-c7cv" }, { "vulnerability": "VCID-e6sb-bh7v-9ugg" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-q6g1-cjz3-77e4" }, { "vulnerability": "VCID-qwhz-912b-8kh5" }, { "vulnerability": "VCID-smck-sdx2-c7du" }, { "vulnerability": "VCID-v186-7sv1-ubej" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.11%252Bdfsg-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936183?format=api", "purl": "pkg:deb/debian/pypy3@7.3.19%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hw3-vhwb-nkcd" }, { "vulnerability": "VCID-4afh-28ss-mudf" }, { "vulnerability": "VCID-757r-fs6p-qqdd" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-8zdt-4q7m-t7ht" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-q6g1-cjz3-77e4" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.19%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936182?format=api", "purl": "pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-29921" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z48d-eyxz-bycq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/352122?format=api", "vulnerability_id": "VCID-zxzn-25zt-ukct", "summary": "Mitgation of CVE-2026-4519 was incomplete. If the URL contained \"%action\" the mitigation could be bypassed for certain browser types the \"webbrowser.open()\" API could have commands injected into the underlying shell. See CVE-2026-4519 for details.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4786.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4786.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4786", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02998", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0299", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05385", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05347", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4786" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/148169", "reference_id": "148169", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/issues/148169" }, { "reference_url": "https://github.com/python/cpython/pull/148170", "reference_id": "148170", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/pull/148170" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458049", "reference_id": "2458049", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458049" }, { "reference_url": "https://github.com/python/cpython/commit/c5767a72838a8dda9d6dc5d3558075b055c56bca", "reference_id": "c5767a72838a8dda9d6dc5d3558075b055c56bca", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/c5767a72838a8dda9d6dc5d3558075b055c56bca" }, { "reference_url": "https://github.com/python/cpython/commit/d22922c8a7958353689dc4763dd72da2dea03fff", "reference_id": "d22922c8a7958353689dc4763dd72da2dea03fff", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/d22922c8a7958353689dc4763dd72da2dea03fff" }, { "reference_url": "https://github.com/python/cpython/commit/f4654824ae0850ac87227fb270f9057477946769", "reference_id": "f4654824ae0850ac87227fb270f9057477946769", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/f4654824ae0850ac87227fb270f9057477946769" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/", "reference_id": "JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10117", "reference_id": "RHSA-2026:10117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10140", "reference_id": "RHSA-2026:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10141", "reference_id": "RHSA-2026:10141", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9228", "reference_id": "RHSA-2026:9228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9228" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936192?format=api", "purl": "pkg:deb/debian/pypy3@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-qwhz-912b-8kh5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936180?format=api", "purl": "pkg:deb/debian/pypy3@7.3.11%2Bdfsg-2%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hw3-vhwb-nkcd" }, { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-4afh-28ss-mudf" }, { "vulnerability": "VCID-757r-fs6p-qqdd" }, { "vulnerability": "VCID-7s7y-9bw5-m3ep" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-8zdt-4q7m-t7ht" }, { "vulnerability": "VCID-9nvp-aus1-9yed" }, { "vulnerability": "VCID-9sms-mhht-n3aq" }, { "vulnerability": "VCID-dnv8-yrd6-c7cv" }, { "vulnerability": "VCID-e6sb-bh7v-9ugg" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-q6g1-cjz3-77e4" }, { "vulnerability": "VCID-qwhz-912b-8kh5" }, { "vulnerability": "VCID-smck-sdx2-c7du" }, { "vulnerability": "VCID-v186-7sv1-ubej" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.11%252Bdfsg-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936183?format=api", "purl": "pkg:deb/debian/pypy3@7.3.19%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hw3-vhwb-nkcd" }, { "vulnerability": "VCID-4afh-28ss-mudf" }, { "vulnerability": "VCID-757r-fs6p-qqdd" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-8zdt-4q7m-t7ht" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-q6g1-cjz3-77e4" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.19%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-4786" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zxzn-25zt-ukct" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@0%3Fdistro=trixie" }