Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/936923?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "type": "deb", "namespace": "debian", "name": "python2.7", "version": "2.7.18-8+deb11u1", "qualifiers": { "distro": "bullseye" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31515?format=api", "vulnerability_id": "VCID-1hw3-vhwb-nkcd", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71903", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71904", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.719", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71854", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71871", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71867", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71842", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71859", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71835", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71824", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71785", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00692", "scoring_system": "epss", "scoring_elements": "0.71811", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12718" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/127987", "reference_id": "127987", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/issues/127987" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013", "reference_id": "2370013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:57:41Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11386", "reference_id": "RHSA-2025:11386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-12718" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hw3-vhwb-nkcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6858?format=api", "vulnerability_id": "VCID-1mw1-384y-huc7", "summary": "Uncontrolled Resource Consumption\nAlgorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.", "references": [ { "reference_url": "http://bugs.python.org/issue17980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue17980" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2099", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89926", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89929", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89942", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89948", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89964", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.8997", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89978", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89976", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89969", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89983", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89984", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.8998", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89997", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.05238", "scoring_system": "epss", "scoring_elements": "0.89995", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2099" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066", "reference_id": "709066", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067", "reference_id": "709067", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068", "reference_id": "709068", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069", "reference_id": "709069", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070", "reference_id": "709070", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=963260", "reference_id": "963260", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=963260" }, { "reference_url": "https://security.gentoo.org/glsa/201401-04", "reference_id": "GLSA-201401-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1263", "reference_id": "RHSA-2014:1263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1690", "reference_id": "RHSA-2014:1690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0042", "reference_id": "RHSA-2015:0042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1166", "reference_id": "RHSA-2016:1166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1166" }, { "reference_url": "https://usn.ubuntu.com/1983-1/", "reference_id": "USN-1983-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1983-1/" }, { "reference_url": "https://usn.ubuntu.com/1984-1/", "reference_id": "USN-1984-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1984-1/" }, { "reference_url": "https://usn.ubuntu.com/1985-1/", "reference_id": "USN-1985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936932?format=api", "purl": "pkg:deb/debian/python2.7@2.7.5-5?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.5-5%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2013-2099" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1mw1-384y-huc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64367?format=api", "vulnerability_id": "VCID-1pr1-jkqa-43g6", "summary": "cpython: CPython: Logging Bypass in Legacy .pyc File Handling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2297.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2297.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2297", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03392", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03405", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04728", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04498", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04534", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04549", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04539", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04525", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04509", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04481", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0449", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04627", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04669", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04703", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2297" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/145506", "reference_id": "145506", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/" } ], "url": "https://github.com/python/cpython/issues/145506" }, { "reference_url": "https://github.com/python/cpython/pull/145507", "reference_id": "145507", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/" } ], "url": "https://github.com/python/cpython/pull/145507" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444691", "reference_id": "2444691", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444691" }, { "reference_url": "https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e", "reference_id": "482d6f8bdba9da3725d272e8bb4a2d25fb6a603e", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/" } ], "url": "https://github.com/python/cpython/commit/482d6f8bdba9da3725d272e8bb4a2d25fb6a603e" }, { "reference_url": "https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e", "reference_id": "a51b1b512de1d56b3714b65628a2eae2b07e535e", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/" } ], "url": "https://github.com/python/cpython/commit/a51b1b512de1d56b3714b65628a2eae2b07e535e" }, { "reference_url": "https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86", "reference_id": "e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:58:41Z/" } ], "url": "https://github.com/python/cpython/commit/e58e9802b9bec5cdbf48fc9bf1da5f4fda482e86" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10950", "reference_id": "RHSA-2026:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443", "reference_id": "RHSA-2026:7443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661", "reference_id": "RHSA-2026:7661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2026-2297" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1pr1-jkqa-43g6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82500?format=api", "vulnerability_id": "VCID-1taa-a9e4-tbc5", "summary": "python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10160.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10160.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10160", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.79716", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.79723", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.79745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.7973", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.79759", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.79766", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.79788", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01763", "scoring_system": "epss", "scoring_elements": "0.82694", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01763", "scoring_system": "epss", "scoring_elements": "0.82619", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01763", "scoring_system": "epss", "scoring_elements": "0.82614", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01763", "scoring_system": "epss", "scoring_elements": "0.82652", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01763", "scoring_system": "epss", "scoring_elements": "0.82653", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01763", "scoring_system": "epss", "scoring_elements": "0.82656", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01763", "scoring_system": "epss", "scoring_elements": "0.82678", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01763", "scoring_system": "epss", "scoring_elements": "0.82688", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10160" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10160", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10160" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718388", "reference_id": "1718388", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1587", "reference_id": "RHSA-2019:1587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1700", "reference_id": "RHSA-2019:1700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2437", "reference_id": "RHSA-2019:2437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2437" }, { "reference_url": "https://usn.ubuntu.com/4127-1/", "reference_id": "USN-4127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-1/" }, { "reference_url": "https://usn.ubuntu.com/4127-2/", "reference_id": "USN-4127-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936944?format=api", "purl": "pkg:deb/debian/python2.7@2.7.16-3?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-3%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2019-10160" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1taa-a9e4-tbc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34881?format=api", "vulnerability_id": "VCID-1u4y-mg1p-audj", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which allow remote attackers to cause a Denial of Service condition.", "references": [ { "reference_url": "http://bugs.python.org/issue13703", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue13703" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "http://mail.python.org/pipermail/python-dev/2011-December/115116.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mail.python.org/pipermail/python-dev/2011-December/115116.html" }, { "reference_url": "http://mail.python.org/pipermail/python-dev/2012-January/115892.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mail.python.org/pipermail/python-dev/2012-January/115892.html" }, { "reference_url": "http://python.org/download/releases/2.6.8/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://python.org/download/releases/2.6.8/" }, { "reference_url": "http://python.org/download/releases/2.7.3/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://python.org/download/releases/2.7.3/" }, { "reference_url": "http://python.org/download/releases/3.1.5/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://python.org/download/releases/3.1.5/" }, { "reference_url": "http://python.org/download/releases/3.2.3/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://python.org/download/releases/3.2.3/" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1150.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1150.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82589", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82511", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82547", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82552", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82573", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82583", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82467", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82494", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82501", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01741", "scoring_system": "epss", "scoring_elements": "0.82515", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01987", "scoring_system": "epss", "scoring_elements": "0.83542", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01987", "scoring_system": "epss", "scoring_elements": "0.83557", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01987", "scoring_system": "epss", "scoring_elements": "0.8353", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150" }, { "reference_url": "http://secunia.com/advisories/50858", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/50858" }, { "reference_url": "http://secunia.com/advisories/51087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51087" }, { "reference_url": "http://secunia.com/advisories/51089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51089" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/03/10/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/03/10/3" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1592-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1592-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1596-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1596-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1615-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1615-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1616-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1616-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=750555", "reference_id": "750555", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=750555" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1150", "reference_id": "CVE-2012-1150", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1150" }, { "reference_url": "https://security.gentoo.org/glsa/201401-04", "reference_id": "GLSA-201401-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0744", "reference_id": "RHSA-2012:0744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0745", "reference_id": "RHSA-2012:0745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0745" }, { "reference_url": "https://usn.ubuntu.com/1592-1/", "reference_id": "USN-1592-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1592-1/" }, { "reference_url": "https://usn.ubuntu.com/1596-1/", "reference_id": "USN-1596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1596-1/" }, { "reference_url": "https://usn.ubuntu.com/1615-1/", "reference_id": "USN-1615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1615-1/" }, { "reference_url": "https://usn.ubuntu.com/1616-1/", "reference_id": "USN-1616-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1616-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936928?format=api", "purl": "pkg:deb/debian/python2.7@2.7.3~rc1-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.3~rc1-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2012-1150" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1u4y-mg1p-audj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87804?format=api", "vulnerability_id": "VCID-22da-bqwg-2fdf", "summary": "python: rgbimg: multiple security issues", "references": [ { "reference_url": "http://bugs.python.org/issue8678", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue8678" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1450.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86205", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86095", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86106", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86122", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86121", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.8614", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86152", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86166", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86164", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.8616", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86177", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86183", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86173", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86195", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02822", "scoring_system": "epss", "scoring_elements": "0.86204", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1450" }, { "reference_url": "http://secunia.com/advisories/42888", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42888" }, { "reference_url": "http://secunia.com/advisories/43068", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43068" }, { "reference_url": "http://secunia.com/advisories/43364", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43364" }, { "reference_url": "http://support.apple.com/kb/HT4435", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT4435" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:215" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0260.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0260.html" }, { "reference_url": "http://www.securityfocus.com/bid/40365", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40365" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0122", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0122" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0413", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0413" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=541698", "reference_id": "541698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541698" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1450", "reference_id": "CVE-2010-1450", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0027", "reference_id": "RHSA-2011:0027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0260", "reference_id": "RHSA-2011:0260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0260" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2010-1450" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-22da-bqwg-2fdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78162?format=api", "vulnerability_id": "VCID-2czu-wy37-qugf", "summary": "python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48566.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48566.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26811", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26992", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26967", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26931", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26883", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26875", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27176", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26968", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27036", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27081", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27085", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2704", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26984", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48566" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238753", "reference_id": "2238753", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238753" }, { "reference_url": "https://bugs.python.org/issue40791", "reference_id": "issue40791", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/" } ], "url": "https://bugs.python.org/issue40791" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231006-0013/", "reference_id": "ntap-20231006-0013", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231006-0013/" }, { "reference_url": "https://usn.ubuntu.com/6400-1/", "reference_id": "USN-6400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6400-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/7180-1/", "reference_id": "USN-7180-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7180-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2022-48566" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2czu-wy37-qugf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36443?format=api", "vulnerability_id": "VCID-2j3t-a3r6-vfg7", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which might allow attackers to access sensitive information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23679", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23519", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23827", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23669", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23709", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23721", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2384", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2387", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23859", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23913", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23957", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2394", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23894", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.24042", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935913", "reference_id": "1935913", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935913" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/", "reference_id": "25HVHLBGO2KNPXJ3G426QEYSSCECJDU5", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/" }, { "reference_url": "https://security.archlinux.org/AVG-1675", "reference_id": "AVG-1675", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1675" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/", "reference_id": "BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/", "reference_id": "DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/" }, { "reference_url": "https://security.gentoo.org/glsa/202104-04", "reference_id": "GLSA-202104-04", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://security.gentoo.org/glsa/202104-04" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/", "reference_id": "LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html", "reference_id": "msg00039.html", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/", "reference_id": "N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210629-0003/", "reference_id": "ntap-20210629-0003", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210629-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/", "reference_id": "QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4160", "reference_id": "RHSA-2021:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4162", "reference_id": "RHSA-2021:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4399", "reference_id": "RHSA-2021:4399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4399" }, { "reference_url": "https://usn.ubuntu.com/5342-1/", "reference_id": "USN-5342-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5342-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5342-3/", "reference_id": "USN-USN-5342-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5342-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/", "reference_id": "VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2021-3426" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2j3t-a3r6-vfg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42640?format=api", "vulnerability_id": "VCID-2shb-2cvn-dyd2", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24329.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24329.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24329", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01081", "scoring_system": "epss", "scoring_elements": "0.77879", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01081", "scoring_system": "epss", "scoring_elements": "0.77911", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01445", "scoring_system": "epss", "scoring_elements": "0.80742", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01445", "scoring_system": "epss", "scoring_elements": "0.80822", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01445", "scoring_system": "epss", "scoring_elements": "0.80808", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01445", "scoring_system": "epss", "scoring_elements": "0.8078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01445", "scoring_system": "epss", "scoring_elements": "0.80778", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01445", "scoring_system": "epss", "scoring_elements": "0.8075", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.81581", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.81602", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.81653", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.81633", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.81627", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.816", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24329" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/102153", "reference_id": "102153", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://github.com/python/cpython/issues/102153" }, { "reference_url": "https://www.kb.cert.org/vuls/id/127587", "reference_id": "127587", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://www.kb.cert.org/vuls/id/127587" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173917", "reference_id": "2173917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173917" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/", "reference_id": "6PEVICI7YNGGMSL3UCMWGE66QFLATH72", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/" }, { "reference_url": "https://github.com/python/cpython/pull/99421", "reference_id": "99421", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://github.com/python/cpython/pull/99421" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/", "reference_id": "DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/", "reference_id": "EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/", "reference_id": "F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/", "reference_id": "GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/", "reference_id": "H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/", "reference_id": "JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/", "reference_id": "LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/", "reference_id": "MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230324-0004/", "reference_id": "ntap-20230324-0004", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230324-0004/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/", "reference_id": "O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/", "reference_id": "OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/", "reference_id": "PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/", "reference_id": "PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/" }, { "reference_url": "https://pointernull.com/security/python-url-parse-problem.html", "reference_id": "python-url-parse-problem.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://pointernull.com/security/python-url-parse-problem.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/", "reference_id": "Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/", "reference_id": "QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/", "reference_id": "RA2MBEEES6L46OD64OBSVUUMGKNGMOWW", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3550", "reference_id": "RHSA-2023:3550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3555", "reference_id": "RHSA-2023:3555", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3555" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3556", "reference_id": "RHSA-2023:3556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3585", "reference_id": "RHSA-2023:3585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3591", "reference_id": "RHSA-2023:3591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3594", "reference_id": "RHSA-2023:3594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3595", "reference_id": "RHSA-2023:3595", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3595" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3776", "reference_id": "RHSA-2023:3776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3777", "reference_id": "RHSA-2023:3777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3780", "reference_id": "RHSA-2023:3780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3781", "reference_id": "RHSA-2023:3781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3796", "reference_id": "RHSA-2023:3796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3810", "reference_id": "RHSA-2023:3810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3811", "reference_id": "RHSA-2023:3811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3931", "reference_id": "RHSA-2023:3931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3932", "reference_id": "RHSA-2023:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3934", "reference_id": "RHSA-2023:3934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3935", "reference_id": "RHSA-2023:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3936", "reference_id": "RHSA-2023:3936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4004", "reference_id": "RHSA-2023:4004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4008", "reference_id": "RHSA-2023:4008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4032", "reference_id": "RHSA-2023:4032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4038", "reference_id": "RHSA-2023:4038", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4038" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4203", "reference_id": "RHSA-2023:4203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4282", "reference_id": "RHSA-2023:4282", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4282" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6793", "reference_id": "RHSA-2023:6793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6793" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/", "reference_id": "T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/", "reference_id": "TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/", "reference_id": "U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/", "reference_id": "UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/" }, { "reference_url": "https://usn.ubuntu.com/5888-1/", "reference_id": "USN-5888-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5888-1/" }, { "reference_url": "https://usn.ubuntu.com/5960-1/", "reference_id": "USN-5960-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5960-1/" }, { "reference_url": "https://usn.ubuntu.com/6139-1/", "reference_id": "USN-6139-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6139-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/7180-1/", "reference_id": "USN-7180-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7180-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/", "reference_id": "WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-24329" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2shb-2cvn-dyd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75343?format=api", "vulnerability_id": "VCID-2v5u-2z4w-ffgx", "summary": "python: incorrect IPv4 and IPv6 private ranges", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4032.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4032.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78371", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78355", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78348", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78316", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.7832", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78322", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78292", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78297", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78288", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78243", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78274", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78256", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78282", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4032" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/113171", "reference_id": "113171", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/issues/113171" }, { "reference_url": "https://github.com/python/cpython/pull/113179", "reference_id": "113179", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/pull/113179" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292921", "reference_id": "2292921", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292921" }, { "reference_url": "https://github.com/python/cpython/commit/22adf29da8d99933ffed8647d3e0726edd16f7f8", "reference_id": "22adf29da8d99933ffed8647d3e0726edd16f7f8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/22adf29da8d99933ffed8647d3e0726edd16f7f8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/17/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/06/17/3" }, { "reference_url": "https://github.com/python/cpython/commit/40d75c2b7f5c67e254d0a025e0f2e2c7ada7f69f", "reference_id": "40d75c2b7f5c67e254d0a025e0f2e2c7ada7f69f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/40d75c2b7f5c67e254d0a025e0f2e2c7ada7f69f" }, { "reference_url": "https://github.com/python/cpython/commit/895f7e2ac23eff4743143beef0f0c5ac71ea27d3", "reference_id": "895f7e2ac23eff4743143beef0f0c5ac71ea27d3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/895f7e2ac23eff4743143beef0f0c5ac71ea27d3" }, { "reference_url": "https://github.com/python/cpython/commit/ba431579efdcbaed7a96f2ac4ea0775879a332fb", "reference_id": "ba431579efdcbaed7a96f2ac4ea0775879a332fb", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/ba431579efdcbaed7a96f2ac4ea0775879a332fb" }, { "reference_url": "https://github.com/python/cpython/commit/c62c9e518b784fe44432a3f4fc265fb95b651906", "reference_id": "c62c9e518b784fe44432a3f4fc265fb95b651906", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/c62c9e518b784fe44432a3f4fc265fb95b651906" }, { "reference_url": "https://github.com/python/cpython/commit/f86b17ac511e68192ba71f27e752321a3252cee3", "reference_id": "f86b17ac511e68192ba71f27e752321a3252cee3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/f86b17ac511e68192ba71f27e752321a3252cee3" }, { "reference_url": "https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml", "reference_id": "iana-ipv4-special-registry.xhtml", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml" }, { "reference_url": "https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml", "reference_id": "iana-ipv6-special-registry.xhtml", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/NRUHDUS2IV2USIZM2CVMSFL6SCKU3RZA/", "reference_id": "NRUHDUS2IV2USIZM2CVMSFL6SCKU3RZA", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/NRUHDUS2IV2USIZM2CVMSFL6SCKU3RZA/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240726-0004/", "reference_id": "ntap-20240726-0004", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240726-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4766", "reference_id": "RHSA-2024:4766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4779", "reference_id": "RHSA-2024:4779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5962", "reference_id": "RHSA-2024:5962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6030", "reference_id": "RHSA-2024:6030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6961", "reference_id": "RHSA-2024:6961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6962", "reference_id": "RHSA-2024:6962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6975", "reference_id": "RHSA-2024:6975", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6975" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7417", "reference_id": "RHSA-2024:7417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9190", "reference_id": "RHSA-2024:9190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9190" }, { "reference_url": "https://usn.ubuntu.com/6928-1/", "reference_id": "USN-6928-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6928-1/" }, { "reference_url": "https://usn.ubuntu.com/6941-1/", "reference_id": "USN-6941-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6941-1/" }, { "reference_url": "https://usn.ubuntu.com/7348-1/", "reference_id": "USN-7348-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7348-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-4032" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2v5u-2z4w-ffgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83126?format=api", "vulnerability_id": "VCID-34fd-g6ss-t3fj", "summary": "python: Integer overflow in Modules/_pickle.c allows for memory exhaustion if serializing gigabytes of data", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20406.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20406.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83613", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83755", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83715", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83739", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83747", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83626", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.8364", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83642", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83666", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83673", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83689", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83683", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83679", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83714", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20406" }, { "reference_url": "https://bugs.python.org/issue34656", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue34656" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190416-0010/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190416-0010/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664509", "reference_id": "1664509", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664509" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20406", "reference_id": "CVE-2018-20406", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3725", "reference_id": "RHSA-2019:3725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3725" }, { "reference_url": "https://usn.ubuntu.com/4127-1/", "reference_id": "USN-4127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-1/" }, { "reference_url": "https://usn.ubuntu.com/4127-2/", "reference_id": "USN-4127-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2018-20406" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-34fd-g6ss-t3fj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86043?format=api", "vulnerability_id": "VCID-3mu8-g6x3-effb", "summary": "python: http protocol steam injection attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5699.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5699.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5699", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.97014", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.97021", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.97025", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.97035", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.97036", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.97039", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.9704", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.9705", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.97054", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.97059", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.9706", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.97063", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.35276", "scoring_system": "epss", "scoring_elements": "0.97064", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5699" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303699", "reference_id": "1303699", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1626", "reference_id": "RHSA-2016:1626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1627", "reference_id": "RHSA-2016:1627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1628", "reference_id": "RHSA-2016:1628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1629", "reference_id": "RHSA-2016:1629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1630", "reference_id": "RHSA-2016:1630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1630" }, { "reference_url": "https://usn.ubuntu.com/3134-1/", "reference_id": "USN-3134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936939?format=api", "purl": "pkg:deb/debian/python2.7@2.7.10~rc1-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.10~rc1-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2016-5699" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3mu8-g6x3-effb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31516?format=api", "vulnerability_id": "VCID-4afh-28ss-mudf", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50673", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50648", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50699", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50655", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5071", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50748", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50725", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.5075", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50756", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50736", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50685", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50693", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4138" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426", "reference_id": "2372426", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:29:22Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11386", "reference_id": "RHSA-2025:11386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2025-4138" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4afh-28ss-mudf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81078?format=api", "vulnerability_id": "VCID-4pej-k4vs-j3d2", "summary": "python: sys.path allowing code to be loaded from arbitrary locations", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15801.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15801.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69871", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69883", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69875", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69922", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69963", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69947", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69933", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69976", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69987", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69969", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.70019", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.70028", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15801" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860242", "reference_id": "1860242", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860242" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2020-15801" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4pej-k4vs-j3d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63531?format=api", "vulnerability_id": "VCID-4py6-hkzp-v3d4", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1260", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1260" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1060.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1060.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.76425", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.76486", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.7643", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.76458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.7644", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.76472", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.76512", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.76491", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01049", "scoring_system": "epss", "scoring_elements": "0.77527", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01132", "scoring_system": "epss", "scoring_elements": "0.78398", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01132", "scoring_system": "epss", "scoring_elements": "0.78414", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01132", "scoring_system": "epss", "scoring_elements": "0.78391", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01132", "scoring_system": "epss", "scoring_elements": "0.78361", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01132", "scoring_system": "epss", "scoring_elements": "0.78359", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01132", "scoring_system": "epss", "scoring_elements": "0.78357", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1060" }, { "reference_url": "https://bugs.python.org/issue32981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue32981" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647" }, { "reference_url": "https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1" }, { "reference_url": "https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4306" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4307" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "http://www.securitytracker.com/id/1042001", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1042001" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549191", "reference_id": "1549191", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549191" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1060", "reference_id": "CVE-2018-1060", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3041", "reference_id": "RHSA-2018:3041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3725", "reference_id": "RHSA-2019:3725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1268", "reference_id": "RHSA-2020:1268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1346", "reference_id": "RHSA-2020:1346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1346" }, { "reference_url": "https://usn.ubuntu.com/3817-1/", "reference_id": "USN-3817-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3817-1/" }, { "reference_url": "https://usn.ubuntu.com/3817-2/", "reference_id": "USN-3817-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3817-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936943?format=api", "purl": "pkg:deb/debian/python2.7@2.7.14-7?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.14-7%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2018-1060" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4py6-hkzp-v3d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78163?format=api", "vulnerability_id": "VCID-4q79-666d-rygx", "summary": "python: XML External Entity in XML processing plistlib module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48565.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48565.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91625", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91676", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91661", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91663", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.9166", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91681", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91673", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91674", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.9168", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91678", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91631", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91639", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91651", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07274", "scoring_system": "epss", "scoring_elements": "0.91657", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240059", "reference_id": "2240059", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240059" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/", "reference_id": "AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/", "reference_id": "BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/" }, { "reference_url": "https://bugs.python.org/issue42051", "reference_id": "issue42051", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/" } ], "url": "https://bugs.python.org/issue42051" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/", "reference_id": "KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231006-0007/", "reference_id": "ntap-20231006-0007", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231006-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2987", "reference_id": "RHSA-2024:2987", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2987" }, { "reference_url": "https://usn.ubuntu.com/6354-1/", "reference_id": "USN-6354-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6354-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/7180-1/", "reference_id": "USN-7180-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7180-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2022-48565" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4q79-666d-rygx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42641?format=api", "vulnerability_id": "VCID-4z89-3tfk-pyge", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.69003", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.68929", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.68952", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.68938", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.68909", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.6895", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.6896", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.6894", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.68991", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.68997", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69341", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69324", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69371", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69321", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235789", "reference_id": "2235789", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235789" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231006-0014/", "reference_id": "ntap-20231006-0014", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231006-0014/" }, { "reference_url": "https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/", "reference_id": "PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/" } ], "url": "https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5456", "reference_id": "RHSA-2023:5456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5462", "reference_id": "RHSA-2023:5462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5463", "reference_id": "RHSA-2023:5463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5472", "reference_id": "RHSA-2023:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5528", "reference_id": "RHSA-2023:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5531", "reference_id": "RHSA-2023:5531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5990", "reference_id": "RHSA-2023:5990", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5990" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5991", "reference_id": "RHSA-2023:5991", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5991" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5992", "reference_id": "RHSA-2023:5992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5993", "reference_id": "RHSA-2023:5993", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5993" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5994", "reference_id": "RHSA-2023:5994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5995", "reference_id": "RHSA-2023:5995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5996", "reference_id": "RHSA-2023:5996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5997", "reference_id": "RHSA-2023:5997", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5998", "reference_id": "RHSA-2023:5998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6068", "reference_id": "RHSA-2023:6068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6069", "reference_id": "RHSA-2023:6069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6290", "reference_id": "RHSA-2023:6290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6793", "reference_id": "RHSA-2023:6793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6823", "reference_id": "RHSA-2023:6823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6885", "reference_id": "RHSA-2023:6885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6885" }, { "reference_url": "https://www.python.org/dev/security/", "reference_id": "security", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/" } ], "url": "https://www.python.org/dev/security/" }, { "reference_url": "https://usn.ubuntu.com/6513-1/", "reference_id": "USN-6513-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6513-1/" }, { "reference_url": "https://usn.ubuntu.com/6513-2/", "reference_id": "USN-6513-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6513-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/7180-1/", "reference_id": "USN-7180-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7180-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-40217" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4z89-3tfk-pyge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82434?format=api", "vulnerability_id": "VCID-57c6-hx7f-efc6", "summary": "python: CRLF injection via the host part of the url passed to urlopen()", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18348.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18348.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18348", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85746", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.8587", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85838", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.8586", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85869", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85758", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85777", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85783", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85802", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85827", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85824", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.8582", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85839", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02672", "scoring_system": "epss", "scoring_elements": "0.85844", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18348" }, { "reference_url": "https://bugs.python.org/issue30458#msg347282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue30458#msg347282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18348" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191107-0004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20191107-0004/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", "reference_id": "1727276", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727276" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18348", "reference_id": "CVE-2019-18348", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4273", "reference_id": "RHSA-2020:4273", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4273" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4285", "reference_id": "RHSA-2020:4285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4285" }, { "reference_url": "https://usn.ubuntu.com/4333-1/", "reference_id": "USN-4333-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4333-1/" }, { "reference_url": "https://usn.ubuntu.com/4333-2/", "reference_id": "USN-4333-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4333-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936946?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18~rc1-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18~rc1-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2019-18348" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-57c6-hx7f-efc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31521?format=api", "vulnerability_id": "VCID-757r-fs6p-qqdd", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53606", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53579", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53576", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53671", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53625", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60903", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.6091", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60907", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60923", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60918", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60876", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60895", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.60898", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4517" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016", "reference_id": "2370016", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:18Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-03T13:28:11Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11386", "reference_id": "RHSA-2025:11386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2025-4517" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-757r-fs6p-qqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63533?format=api", "vulnerability_id": "VCID-7jat-6ags-qbdr", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14647.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14647.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14647", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81846", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81857", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81879", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81875", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81902", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81908", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81928", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81916", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81911", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81947", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81949", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81971", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81982", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01634", "scoring_system": "epss", "scoring_elements": "0.81988", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14647" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631822", "reference_id": "1631822", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631822" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921039", "reference_id": "921039", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921039" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2030", "reference_id": "RHSA-2019:2030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3725", "reference_id": "RHSA-2019:3725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1268", "reference_id": "RHSA-2020:1268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1346", "reference_id": "RHSA-2020:1346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1462", "reference_id": "RHSA-2020:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1462" }, { "reference_url": "https://usn.ubuntu.com/3817-1/", "reference_id": "USN-3817-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3817-1/" }, { "reference_url": "https://usn.ubuntu.com/3817-2/", "reference_id": "USN-3817-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3817-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936942?format=api", "purl": "pkg:deb/debian/python2.7@2.7.15-5?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.15-5%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2018-14647" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7jat-6ags-qbdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42639?format=api", "vulnerability_id": "VCID-7ka5-7jrn-dber", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6597.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6597.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6597", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23141", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22818", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23185", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22974", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23048", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23101", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23121", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23028", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23041", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23033", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22994", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22828", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22823", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6597" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/02a9259c717738dfe6b463c44d7e17f2b6d2cb3a", "reference_id": "02a9259c717738dfe6b463c44d7e17f2b6d2cb3a", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/02a9259c717738dfe6b463c44d7e17f2b6d2cb3a" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070135", "reference_id": "1070135", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070135" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276518", "reference_id": "2276518", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276518" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/20/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/20/5" }, { "reference_url": "https://github.com/python/cpython/commit/5585334d772b253a01a6730e8202ffb1607c3d25", "reference_id": "5585334d772b253a01a6730e8202ffb1607c3d25", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/5585334d772b253a01a6730e8202ffb1607c3d25" }, { "reference_url": "https://github.com/python/cpython/commit/6ceb8aeda504b079fef7a57b8d81472f15cdd9a5", "reference_id": "6ceb8aeda504b079fef7a57b8d81472f15cdd9a5", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/6ceb8aeda504b079fef7a57b8d81472f15cdd9a5" }, { "reference_url": "https://github.com/python/cpython/commit/81c16cd94ec38d61aa478b9a452436dc3b1b524d", "reference_id": "81c16cd94ec38d61aa478b9a452436dc3b1b524d", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/81c16cd94ec38d61aa478b9a452436dc3b1b524d" }, { "reference_url": "https://github.com/python/cpython/commit/8eaeefe49d179ca4908d052745e3bb8b6f238f82", "reference_id": "8eaeefe49d179ca4908d052745e3bb8b6f238f82", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/8eaeefe49d179ca4908d052745e3bb8b6f238f82" }, { "reference_url": "https://github.com/python/cpython/issues/91133", "reference_id": "91133", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/issues/91133" }, { "reference_url": "https://github.com/python/cpython/commit/d54e22a669ae6e987199bb5d2c69bb5a46b0083b", "reference_id": "d54e22a669ae6e987199bb5d2c69bb5a46b0083b", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/d54e22a669ae6e987199bb5d2c69bb5a46b0083b" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/Q5C6ATFC67K53XFV4KE45325S7NS62LD/", "reference_id": "Q5C6ATFC67K53XFV4KE45325S7NS62LD", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/Q5C6ATFC67K53XFV4KE45325S7NS62LD/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3347", "reference_id": "RHSA-2024:3347", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3391", "reference_id": "RHSA-2024:3391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3466", "reference_id": "RHSA-2024:3466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4058", "reference_id": "RHSA-2024:4058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4077", "reference_id": "RHSA-2024:4077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4078", "reference_id": "RHSA-2024:4078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4166", "reference_id": "RHSA-2024:4166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4370", "reference_id": "RHSA-2024:4370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4406", "reference_id": "RHSA-2024:4406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4456", "reference_id": "RHSA-2024:4456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4896", "reference_id": "RHSA-2024:4896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5535", "reference_id": "RHSA-2024:5535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5689", "reference_id": "RHSA-2024:5689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0364", "reference_id": "RHSA-2025:0364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0646", "reference_id": "RHSA-2025:0646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0650", "reference_id": "RHSA-2025:0650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0832", "reference_id": "RHSA-2025:0832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1116", "reference_id": "RHSA-2025:1116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1120", "reference_id": "RHSA-2025:1120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2705", "reference_id": "RHSA-2025:2705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2705" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/", "reference_id": "T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/", "reference_id": "U5VHWS52HGD743C47UMCSAK2A773M2YE", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-6597" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ka5-7jrn-dber" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78164?format=api", "vulnerability_id": "VCID-7nj2-94zp-d3bp", "summary": "python: DoS when processing malformed Apple Property List files in binary format", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48564.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48564.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48564", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27213", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.2725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27044", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27113", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27159", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27165", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27064", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27072", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27046", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27008", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.26962", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.26955", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.2689", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48564" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249750", "reference_id": "2249750", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0114", "reference_id": "RHSA-2024:0114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0430", "reference_id": "RHSA-2024:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0586", "reference_id": "RHSA-2024:0586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0586" }, { "reference_url": "https://usn.ubuntu.com/6513-1/", "reference_id": "USN-6513-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6513-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2022-48564" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7nj2-94zp-d3bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50410?format=api", "vulnerability_id": "VCID-7q8s-6emv-ykhx", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7338.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7338.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05918", "scoring_system": "epss", "scoring_elements": "0.90566", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05918", "scoring_system": "epss", "scoring_elements": "0.90571", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05918", "scoring_system": "epss", "scoring_elements": "0.90581", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05918", "scoring_system": "epss", "scoring_elements": "0.9059", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0778", "scoring_system": "epss", "scoring_elements": "0.91959", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0778", "scoring_system": "epss", "scoring_elements": "0.91965", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0778", "scoring_system": "epss", "scoring_elements": "0.91967", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0778", "scoring_system": "epss", "scoring_elements": "0.91963", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0778", "scoring_system": "epss", "scoring_elements": "0.91983", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0778", "scoring_system": "epss", "scoring_elements": "0.9198", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0778", "scoring_system": "epss", "scoring_elements": "0.91976", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0778", "scoring_system": "epss", "scoring_elements": "0.91981", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0778", "scoring_system": "epss", "scoring_elements": "0.91979", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7338" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1078014", "reference_id": "1078014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1078014" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2013-7338" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7q8s-6emv-ykhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50414?format=api", "vulnerability_id": "VCID-8aq9-8cf5-qbet", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could lead to arbitrary code execution.", "references": [ { "reference_url": "http://bugs.python.org/issue22417", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue22417" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9365.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9365.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9365", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84093", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84106", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84123", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84125", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84148", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84154", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84171", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84166", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84161", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84184", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84185", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84189", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84215", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84222", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02127", "scoring_system": "epss", "scoring_elements": "0.84228", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9365" }, { "reference_url": "https://security.gentoo.org/glsa/201503-10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-10" }, { "reference_url": "https://support.apple.com/kb/HT205031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT205031" }, { "reference_url": "https://www.python.org/dev/peps/pep-0476/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.python.org/dev/peps/pep-0476/" }, { "reference_url": "https://www.python.org/downloads/release/python-279/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.python.org/downloads/release/python-279/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/12/11/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/12/11/1" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "reference_url": "http://www.securityfocus.com/bid/71639", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71639" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1173041", "reference_id": "1173041", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1173041" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.3:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.3:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.4:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.5:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.5:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.5:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.6:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.6:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.6:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.4:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9365", "reference_id": "CVE-2014-9365", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1162", "reference_id": "RHSA-2017:1162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1868", "reference_id": "RHSA-2017:1868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936931?format=api", "purl": "pkg:deb/debian/python2.7@2.7.9-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2014-9365" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8aq9-8cf5-qbet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86237?format=api", "vulnerability_id": "VCID-8jfv-cqa8-7yb6", "summary": "python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4650.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4650.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06019", "scoring_system": "epss", "scoring_elements": "0.9067", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06019", "scoring_system": "epss", "scoring_elements": "0.90675", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06019", "scoring_system": "epss", "scoring_elements": "0.90685", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07232", "scoring_system": "epss", "scoring_elements": "0.91619", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07232", "scoring_system": "epss", "scoring_elements": "0.91623", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07232", "scoring_system": "epss", "scoring_elements": "0.91626", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07232", "scoring_system": "epss", "scoring_elements": "0.91622", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07232", "scoring_system": "epss", "scoring_elements": "0.91643", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.07232", "scoring_system": "epss", "scoring_elements": "0.91636", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07232", "scoring_system": "epss", "scoring_elements": "0.91641", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.07232", "scoring_system": "epss", "scoring_elements": "0.91639", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.07232", "scoring_system": "epss", "scoring_elements": "0.916", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07232", "scoring_system": "epss", "scoring_elements": "0.91613", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4650" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1113527", "reference_id": "1113527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1113527" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/33894.txt", "reference_id": "CVE-2014-4650;OSVDB-108369", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/33894.txt" }, { "reference_url": "https://www.redteam-pentesting.de/advisories/rt-sa-2014-008", "reference_id": "CVE-2014-4650;OSVDB-108369", "reference_type": "exploit", "scores": [], "url": "https://www.redteam-pentesting.de/advisories/rt-sa-2014-008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1064", "reference_id": "RHSA-2015:1064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1330", "reference_id": "RHSA-2015:1330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2101", "reference_id": "RHSA-2015:2101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2101" }, { "reference_url": "https://usn.ubuntu.com/2653-1/", "reference_id": "USN-2653-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2653-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936936?format=api", "purl": "pkg:deb/debian/python2.7@2.7.8-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.8-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2014-4650" ], "risk_score": 5.2, "exploitability": "2.0", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jfv-cqa8-7yb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31517?format=api", "vulnerability_id": "VCID-8zdt-4q7m-t7ht", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4330.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77068", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77214", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77097", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.7708", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77112", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77122", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77149", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77123", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77164", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77166", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77158", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77192", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77199", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4330" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370014", "reference_id": "2370014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370014" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f", "reference_id": "52398e33eff261329a0180ac1d54f42f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:27:07Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2025-4330" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8zdt-4q7m-t7ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64939?format=api", "vulnerability_id": "VCID-94n7-6q4s-3udv", "summary": "cpython: Header injection via newlines in data URL mediatype in Python", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15282.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15282.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13418", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13742", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13544", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13624", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13676", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13646", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13609", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13561", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13476", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13472", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13543", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13555", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13527", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15282" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0", "reference_id": "05356b1cc153108aaf27f3b72ce438af4aa218c0", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/05356b1cc153108aaf27f3b72ce438af4aa218c0" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126779", "reference_id": "1126779", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126779" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126780", "reference_id": "1126780", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126780" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126781", "reference_id": "1126781", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126781" }, { "reference_url": "https://github.com/python/cpython/issues/143925", "reference_id": "143925", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/issues/143925" }, { "reference_url": "https://github.com/python/cpython/pull/143926", "reference_id": "143926", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/pull/143926" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431366", "reference_id": "2431366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431366" }, { "reference_url": "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38", "reference_id": "34d76b00dabde81a793bd06dd8ecb057838c4b38", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/34d76b00dabde81a793bd06dd8ecb057838c4b38" }, { "reference_url": "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "reference_id": "3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/3f396ca9d7bbe2a50ea6b8c9b27c0082884d9f80" }, { "reference_url": "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47", "reference_id": "4ed11d3cd288e6b90196a15c5a825a45d318fe47", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/4ed11d3cd288e6b90196a15c5a825a45d318fe47" }, { "reference_url": "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a", "reference_id": "a35ca3be5842505dab74dc0b90b89cde0405017a", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/a35ca3be5842505dab74dc0b90b89cde0405017a" }, { "reference_url": "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f", "reference_id": "f25509e78e8be6ea73c811ac2b8c928c28841b9f", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://github.com/python/cpython/commit/f25509e78e8be6ea73c811ac2b8c928c28841b9f" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10950", "reference_id": "RHSA-2026:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443", "reference_id": "RHSA-2026:7443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661", "reference_id": "RHSA-2026:7661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" }, { "reference_url": "https://usn.ubuntu.com/8018-1/", "reference_id": "USN-8018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-1/" }, { "reference_url": "https://usn.ubuntu.com/8018-3/", "reference_id": "USN-8018-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-3/" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/", "reference_id": "X66HL7SISGJT33J53OHXMZT4DFLMHVKF", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:21Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/X66HL7SISGJT33J53OHXMZT4DFLMHVKF/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2025-15282" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94n7-6q4s-3udv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55569?format=api", "vulnerability_id": "VCID-9jj2-hsne-mbac", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4238.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4238.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01382", "scoring_system": "epss", "scoring_elements": "0.80381", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01382", "scoring_system": "epss", "scoring_elements": "0.80332", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01382", "scoring_system": "epss", "scoring_elements": "0.80364", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01382", "scoring_system": "epss", "scoring_elements": "0.80358", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01382", "scoring_system": "epss", "scoring_elements": "0.80328", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02847", "scoring_system": "epss", "scoring_elements": "0.8622", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02847", "scoring_system": "epss", "scoring_elements": "0.86237", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02847", "scoring_system": "epss", "scoring_elements": "0.86224", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02847", "scoring_system": "epss", "scoring_elements": "0.86182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02847", "scoring_system": "epss", "scoring_elements": "0.86201", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02847", "scoring_system": "epss", "scoring_elements": "0.86212", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02847", "scoring_system": "epss", "scoring_elements": "0.86227", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02891", "scoring_system": "epss", "scoring_elements": "0.86252", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02891", "scoring_system": "epss", "scoring_elements": "0.86279", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02891", "scoring_system": "epss", "scoring_elements": "0.86262", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719566", "reference_id": "719566", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719566" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=996381", "reference_id": "996381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=996381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1527", "reference_id": "RHSA-2013:1527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1582", "reference_id": "RHSA-2013:1582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1582" }, { "reference_url": "https://usn.ubuntu.com/1982-1/", "reference_id": "USN-1982-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1982-1/" }, { "reference_url": "https://usn.ubuntu.com/1983-1/", "reference_id": "USN-1983-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1983-1/" }, { "reference_url": "https://usn.ubuntu.com/1984-1/", "reference_id": "USN-1984-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1984-1/" }, { "reference_url": "https://usn.ubuntu.com/1985-1/", "reference_id": "USN-1985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936933?format=api", "purl": "pkg:deb/debian/python2.7@2.7.5-8?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.5-8%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2013-4238" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9jj2-hsne-mbac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59776?format=api", "vulnerability_id": "VCID-9mcr-rmtb-mufj", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html" }, { "reference_url": "http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1260", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3335", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3335" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9740.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9740.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9740", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.92982", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.93031", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.93022", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.93029", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.93035", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.9299", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.92994", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.92993", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.93001", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.93006", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.9301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.93009", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0991", "scoring_system": "epss", "scoring_elements": "0.9302", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9740" }, { "reference_url": "https://bugs.python.org/issue36276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue36276" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Oct/29", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Oct/29" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190619-0005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190619-0005/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/02/04/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2021/02/04/2" }, { "reference_url": "http://www.securityfocus.com/bid/107466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107466" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688169", "reference_id": "1688169", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688169" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9740", "reference_id": "CVE-2019-9740", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9740" }, { "reference_url": "https://security.gentoo.org/glsa/202003-26", "reference_id": "GLSA-202003-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2030", "reference_id": "RHSA-2019:2030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3520", "reference_id": "RHSA-2019:3520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3725", "reference_id": "RHSA-2019:3725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1268", "reference_id": "RHSA-2020:1268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1346", "reference_id": "RHSA-2020:1346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1462", "reference_id": "RHSA-2020:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1462" }, { "reference_url": "https://usn.ubuntu.com/4127-1/", "reference_id": "USN-4127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-1/" }, { "reference_url": "https://usn.ubuntu.com/4127-2/", "reference_id": "USN-4127-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936944?format=api", "purl": "pkg:deb/debian/python2.7@2.7.16-3?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-3%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2019-9740" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9mcr-rmtb-mufj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34874?format=api", "vulnerability_id": "VCID-a7h6-8ece-kqec", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which allow remote attackers to cause a Denial of Service condition.", "references": [ { "reference_url": "http://bugs.python.org/issue8674", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue8674" }, { "reference_url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1634.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1634.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1634", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78837", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78843", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78872", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78854", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.7888", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78886", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01196", "scoring_system": "epss", "scoring_elements": "0.78909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79089", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79104", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79036", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79026", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79055", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79052", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.7905", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79083", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1634" }, { "reference_url": "http://secunia.com/advisories/39937", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/39937" }, { "reference_url": "http://secunia.com/advisories/40194", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40194" }, { "reference_url": "http://secunia.com/advisories/42888", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42888" }, { "reference_url": "http://secunia.com/advisories/43068", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43068" }, { "reference_url": "http://secunia.com/advisories/50858", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/50858" }, { "reference_url": "http://secunia.com/advisories/51024", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51024" }, { "reference_url": "http://secunia.com/advisories/51040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51040" }, { "reference_url": "http://secunia.com/advisories/51087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51087" }, { "reference_url": "http://support.apple.com/kb/HT5002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT5002" }, { "reference_url": "http://svn.python.org/view?rev=81045&view=rev", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.python.org/view?rev=81045&view=rev" }, { "reference_url": "http://svn.python.org/view?rev=81079&view=rev", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.python.org/view?rev=81079&view=rev" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html" }, { "reference_url": "http://www.securityfocus.com/bid/40370", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40370" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1596-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1596-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1613-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1613-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1613-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1616-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1616-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1448" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0122", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0122" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=590690", "reference_id": "590690", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=590690" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1634", "reference_id": "CVE-2010-1634", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1634" }, { "reference_url": "https://security.gentoo.org/glsa/201401-04", "reference_id": "GLSA-201401-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0027", "reference_id": "RHSA-2011:0027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0491", "reference_id": "RHSA-2011:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0491" }, { "reference_url": "https://usn.ubuntu.com/1596-1/", "reference_id": "USN-1596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1596-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-1/", "reference_id": "USN-1613-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-2/", "reference_id": "USN-1613-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-2/" }, { "reference_url": "https://usn.ubuntu.com/1616-1/", "reference_id": "USN-1616-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1616-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936925?format=api", "purl": "pkg:deb/debian/python2.7@2.7-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2010-1634" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a7h6-8ece-kqec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38942?format=api", "vulnerability_id": "VCID-a8mv-mr3q-vygz", "summary": "Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42919.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09956", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10004", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09902", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10026", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09978", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0998", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10002", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10042", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11412", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1157", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11444", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11443", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11482", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11523", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138705", "reference_id": "2138705", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138705" }, { "reference_url": "https://github.com/python/cpython/issues/97514", "reference_id": "97514", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://github.com/python/cpython/issues/97514" }, { "reference_url": "https://github.com/python/cpython/issues/97514#issuecomment-1310277840", "reference_id": "97514#issuecomment-1310277840", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://github.com/python/cpython/issues/97514#issuecomment-1310277840" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/", "reference_id": "FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221209-0006/", "reference_id": "ntap-20221209-0006", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221209-0006/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/", "reference_id": "P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/", "reference_id": "PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/", "reference_id": "QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/", "reference_id": "R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/", "reference_id": "RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8492", "reference_id": "RHSA-2022:8492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8493", "reference_id": "RHSA-2022:8493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8493" }, { "reference_url": "https://usn.ubuntu.com/5713-1/", "reference_id": "USN-5713-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5713-1/" }, { "reference_url": "https://usn.ubuntu.com/5888-1/", "reference_id": "USN-5888-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5888-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://github.com/python/cpython/compare/v3.10.8...v3.10.9", "reference_id": "v3.10.8...v3.10.9", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://github.com/python/cpython/compare/v3.10.8...v3.10.9" }, { "reference_url": "https://github.com/python/cpython/compare/v3.9.15...v3.9.16", "reference_id": "v3.9.15...v3.9.16", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://github.com/python/cpython/compare/v3.9.15...v3.9.16" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/", "reference_id": "VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/", "reference_id": "XX6LLAXGZVZ327REY6MDZRMMP47LJ53P", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2022-42919" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a8mv-mr3q-vygz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34880?format=api", "vulnerability_id": "VCID-atth-tm5r-nfc8", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which allow remote attackers to cause a Denial of Service condition.", "references": [ { "reference_url": "http://bugs.python.org/issue14001", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue14001" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "http://python.org/download/releases/2.6.8/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://python.org/download/releases/2.6.8/" }, { "reference_url": "http://python.org/download/releases/2.7.3/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://python.org/download/releases/2.7.3/" }, { "reference_url": "http://python.org/download/releases/3.1.5/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://python.org/download/releases/3.1.5/" }, { "reference_url": "http://python.org/download/releases/3.2.3/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://python.org/download/releases/3.2.3/" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0845.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0845.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0845", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.8609", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.86064", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.86069", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.86061", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.86081", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.86091", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.8601", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.8603", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.86039", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.86053", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.86051", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02773", "scoring_system": "epss", "scoring_elements": "0.86046", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03255", "scoring_system": "epss", "scoring_elements": "0.87087", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03255", "scoring_system": "epss", "scoring_elements": "0.87105", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03255", "scoring_system": "epss", "scoring_elements": "0.87076", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0845" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845" }, { "reference_url": "http://secunia.com/advisories/50858", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/50858" }, { "reference_url": "http://secunia.com/advisories/51024", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51024" }, { "reference_url": "http://secunia.com/advisories/51040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51040" }, { "reference_url": "http://secunia.com/advisories/51087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51087" }, { "reference_url": "http://secunia.com/advisories/51089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51089" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/02/13/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/02/13/4" }, { "reference_url": "http://www.securitytracker.com/id?1026689", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1026689" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1592-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1592-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1596-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1596-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1613-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1613-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1613-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1615-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1615-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1616-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1616-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=789790", "reference_id": "789790", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789790" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0845", "reference_id": "CVE-2012-0845", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0845" }, { "reference_url": "https://security.gentoo.org/glsa/201401-04", "reference_id": "GLSA-201401-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0744", "reference_id": "RHSA-2012:0744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0744" }, { "reference_url": "https://usn.ubuntu.com/1592-1/", "reference_id": "USN-1592-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1592-1/" }, { "reference_url": "https://usn.ubuntu.com/1596-1/", "reference_id": "USN-1596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1596-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-1/", "reference_id": "USN-1613-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-2/", "reference_id": "USN-1613-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-2/" }, { "reference_url": "https://usn.ubuntu.com/1615-1/", "reference_id": "USN-1615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1615-1/" }, { "reference_url": "https://usn.ubuntu.com/1616-1/", "reference_id": "USN-1616-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1616-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936928?format=api", "purl": "pkg:deb/debian/python2.7@2.7.3~rc1-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.3~rc1-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2012-0845" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-atth-tm5r-nfc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64945?format=api", "vulnerability_id": "VCID-bn83-d2qp-9bfy", "summary": "cpython: Missing character filtering in Python", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11468.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11821", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11561", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11649", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11734", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11787", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11797", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11759", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11733", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11597", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11595", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11718", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11676", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11637", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11468" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11468" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094", "reference_id": "003b8315669b9f08b1010a49071f73f15f818094", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/003b8315669b9f08b1010a49071f73f15f818094" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786", "reference_id": "1126786", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126786" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787", "reference_id": "1126787", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126787" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788", "reference_id": "1126788", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126788" }, { "reference_url": "https://github.com/python/cpython/issues/143935", "reference_id": "143935", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/issues/143935" }, { "reference_url": "https://github.com/python/cpython/pull/143936", "reference_id": "143936", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/pull/143936" }, { "reference_url": "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "reference_id": "17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431375", "reference_id": "2431375", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431375" }, { "reference_url": "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6", "reference_id": "61614a5e5056e4f61ced65008d4576f3df34acb6", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/61614a5e5056e4f61ced65008d4576f3df34acb6" }, { "reference_url": "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "reference_id": "a76e4cd62dd68e7cbe86e37e6ed988495a646b66", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/a76e4cd62dd68e7cbe86e37e6ed988495a646b66" }, { "reference_url": "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "reference_id": "e9970f077240c7c670e8a6fc6662f2b30d3b6ad0", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/e9970f077240c7c670e8a6fc6662f2b30d3b6ad0" }, { "reference_url": "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796", "reference_id": "f738386838021c762efea6c9802c82de65e87796", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://github.com/python/cpython/commit/f738386838021c762efea6c9802c82de65e87796" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/", "reference_id": "FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:40:23Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/FELSEOLBI2QR6YLG6Q7VYF7FWSGQTKLI/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7443", "reference_id": "RHSA-2026:7443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7661", "reference_id": "RHSA-2026:7661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" }, { "reference_url": "https://usn.ubuntu.com/8018-1/", "reference_id": "USN-8018-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8018-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2025-11468" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bn83-d2qp-9bfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51186?format=api", "vulnerability_id": "VCID-c97c-3177-wkhx", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5636.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5636.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5636", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97216", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97259", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97257", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97258", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97222", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97227", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97228", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97238", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97239", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97242", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97243", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97244", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97252", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.38587", "scoring_system": "epss", "scoring_elements": "0.97254", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5636" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5636", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5636" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1345856", "reference_id": "1345856", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1345856" }, { "reference_url": "https://security.gentoo.org/glsa/201701-18", "reference_id": "GLSA-201701-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2586", "reference_id": "RHSA-2016:2586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2586" }, { "reference_url": "https://usn.ubuntu.com/3134-1/", "reference_id": "USN-3134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936937?format=api", "purl": "pkg:deb/debian/python2.7@2.7.12~rc1-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.12~rc1-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2016-5636" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c97c-3177-wkhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50260?format=api", "vulnerability_id": "VCID-dkxn-j9dr-sqbp", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3177.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3177.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21875", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21873", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21696", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2168", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21842", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21827", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21688", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21902", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21958", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21882", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2193", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22631", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22421", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22589", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918168", "reference_id": "1918168", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918168" }, { "reference_url": "https://github.com/python/cpython/pull/24239", "reference_id": "24239", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://github.com/python/cpython/pull/24239" }, { "reference_url": "https://security.archlinux.org/ASA-202102-37", "reference_id": "ASA-202102-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-37" }, { "reference_url": "https://security.archlinux.org/AVG-1465", "reference_id": "AVG-1465", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1465" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/", "reference_id": "BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/", "reference_id": "CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/" }, { "reference_url": "https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html", "reference_id": "ctypes-buffer-overflow-pycarg_repr.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/", "reference_id": "FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/", "reference_id": "FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/" }, { "reference_url": "https://security.gentoo.org/glsa/202101-18", "reference_id": "GLSA-202101-18", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://security.gentoo.org/glsa/202101-18" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/", "reference_id": "HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/" }, { "reference_url": "https://bugs.python.org/issue42938", "reference_id": "issue42938", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://bugs.python.org/issue42938" }, { "reference_url": "https://news.ycombinator.com/item?id=26185005", "reference_id": "item?id=26185005", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://news.ycombinator.com/item?id=26185005" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/", "reference_id": "MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/", "reference_id": "MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/", "reference_id": "NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/", "reference_id": "NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210226-0003/", "reference_id": "ntap-20210226-0003", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210226-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/", "reference_id": "NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1633", "reference_id": "RHSA-2021:1633", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1761", "reference_id": "RHSA-2021:1761", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1761" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1879", "reference_id": "RHSA-2021:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3252", "reference_id": "RHSA-2021:3252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5235", "reference_id": "RHSA-2022:5235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5235" }, { "reference_url": "https://usn.ubuntu.com/4754-1/", "reference_id": "USN-4754-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4754-1/" }, { "reference_url": "https://usn.ubuntu.com/4754-3/", "reference_id": "USN-4754-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4754-3/" }, { "reference_url": "https://usn.ubuntu.com/4754-4/", "reference_id": "USN-4754-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4754-4/" }, { "reference_url": "https://usn.ubuntu.com/4754-5/", "reference_id": "USN-4754-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4754-5/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/", "reference_id": "V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/", "reference_id": "Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/", "reference_id": "YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/", "reference_id": "Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936947?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-2%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2021-3177" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dkxn-j9dr-sqbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31513?format=api", "vulnerability_id": "VCID-dnv8-yrd6-c7cv", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8088.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8088.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8088", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4575", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45809", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45799", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45924", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4593", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45876", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.459", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45869", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45877", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45825", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45875", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45853", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8088" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8088" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1", "reference_id": "0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1" }, { "reference_url": "https://github.com/python/cpython/issues/122905", "reference_id": "122905", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/issues/122905" }, { "reference_url": "https://github.com/python/cpython/pull/122906", "reference_id": "122906", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/pull/122906" }, { "reference_url": "https://github.com/python/cpython/issues/123270", "reference_id": "123270", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/issues/123270" }, { "reference_url": "https://github.com/python/cpython/commit/2231286d78d328c2f575e0b05b16fe447d1656d6", "reference_id": "2231286d78d328c2f575e0b05b16fe447d1656d6", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/2231286d78d328c2f575e0b05b16fe447d1656d6" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307370", "reference_id": "2307370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307370" }, { "reference_url": "https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e", "reference_id": "795f2597a4be988e2bb19b69ff9958e981cb894e", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e" }, { "reference_url": "https://github.com/python/cpython/commit/7bc367e464ce50b956dd232c1dfa1cad4e7fb814", "reference_id": "7bc367e464ce50b956dd232c1dfa1cad4e7fb814", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/7bc367e464ce50b956dd232c1dfa1cad4e7fb814" }, { "reference_url": "https://github.com/python/cpython/commit/7e8883a3f04d308302361aeffc73e0e9837f19d4", "reference_id": "7e8883a3f04d308302361aeffc73e0e9837f19d4", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/7e8883a3f04d308302361aeffc73e0e9837f19d4" }, { "reference_url": "https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64", "reference_id": "8c7348939d8a3ecd79d630075f6be1b0c5b41f64", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64" }, { "reference_url": "https://github.com/python/cpython/commit/95b073bddefa6243effa08e131e297c0383e7f6a", "reference_id": "95b073bddefa6243effa08e131e297c0383e7f6a", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/95b073bddefa6243effa08e131e297c0383e7f6a" }, { "reference_url": "https://github.com/python/cpython/commit/962055268ed4f2ca1d717bfc8b6385de50a23ab7", "reference_id": "962055268ed4f2ca1d717bfc8b6385de50a23ab7", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/962055268ed4f2ca1d717bfc8b6385de50a23ab7" }, { "reference_url": "https://github.com/python/cpython/commit/9cd03263100ddb1657826cc4a71470786cab3932", "reference_id": "9cd03263100ddb1657826cc4a71470786cab3932", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/9cd03263100ddb1657826cc4a71470786cab3932" }, { "reference_url": "https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea", "reference_id": "dcc5182f27c1500006a1ef78e10613bb45788dea", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea" }, { "reference_url": "https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db", "reference_id": "e0264a61119d551658d9445af38323ba94fc16db", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db" }, { "reference_url": "https://github.com/python/cpython/commit/fc0b8259e693caa8400fa8b6ac1e494e47ea7798", "reference_id": "fc0b8259e693caa8400fa8b6ac1e494e47ea7798", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/fc0b8259e693caa8400fa8b6ac1e494e47ea7798" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU/", "reference_id": "GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5962", "reference_id": "RHSA-2024:5962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6163", "reference_id": "RHSA-2024:6163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6961", "reference_id": "RHSA-2024:6961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6962", "reference_id": "RHSA-2024:6962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9190", "reference_id": "RHSA-2024:9190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9192", "reference_id": "RHSA-2024:9192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9371", "reference_id": "RHSA-2024:9371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9371" }, { "reference_url": "https://usn.ubuntu.com/7015-1/", "reference_id": "USN-7015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-8088" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnv8-yrd6-c7cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78165?format=api", "vulnerability_id": "VCID-dv5v-71b5-budp", "summary": "python: use after free in heappushpop() of heapq module", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48560.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48560.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42375", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42405", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42344", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42393", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.424", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42423", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42387", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42358", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42407", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42382", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42311", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42243", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42239", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42156", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48560" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249755", "reference_id": "2249755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2249755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0114", "reference_id": "RHSA-2024:0114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0430", "reference_id": "RHSA-2024:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0586", "reference_id": "RHSA-2024:0586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2987", "reference_id": "RHSA-2024:2987", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2987" }, { "reference_url": "https://usn.ubuntu.com/6394-1/", "reference_id": "USN-6394-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6394-1/" }, { "reference_url": "https://usn.ubuntu.com/6394-2/", "reference_id": "USN-6394-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6394-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/7180-1/", "reference_id": "USN-7180-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7180-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2022-48560" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dv5v-71b5-budp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40939?format=api", "vulnerability_id": "VCID-e1yx-dxa6-1bba", "summary": "Multiple vulnerabilities have been found in the Oracle JRE/JDK,\n allowing attackers to cause unspecified impact.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88099", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88165", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88159", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.8816", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88174", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88172", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88108", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88131", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.8815", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03832", "scoring_system": "epss", "scoring_elements": "0.88156", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03933", "scoring_system": "epss", "scoring_elements": "0.88364", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03933", "scoring_system": "epss", "scoring_elements": "0.88358", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03933", "scoring_system": "epss", "scoring_elements": "0.88362", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3389" }, { "reference_url": "https://curl.se/docs/CVE-2011-3389.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2011-3389.html" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=737506", "reference_id": "737506", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737506" }, { "reference_url": "https://security.gentoo.org/glsa/201111-02", "reference_id": "GLSA-201111-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201111-02" }, { "reference_url": "https://security.gentoo.org/glsa/201203-02", "reference_id": "GLSA-201203-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-02" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://security.gentoo.org/glsa/201406-32", "reference_id": "GLSA-201406-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1380", "reference_id": "RHSA-2011:1380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1384", "reference_id": "RHSA-2011:1384", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1384" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0006", "reference_id": "RHSA-2012:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0034", "reference_id": "RHSA-2012:0034", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0343", "reference_id": "RHSA-2012:0343", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0508", "reference_id": "RHSA-2012:0508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1455", "reference_id": "RHSA-2013:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1455" }, { "reference_url": "https://usn.ubuntu.com/1263-1/", "reference_id": "USN-1263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1263-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936928?format=api", "purl": "pkg:deb/debian/python2.7@2.7.3~rc1-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.3~rc1-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2011-3389" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e1yx-dxa6-1bba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50773?format=api", "vulnerability_id": "VCID-efdj-sb7s-p3fk", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14422.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14422.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14422", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78633", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.7864", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78671", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78651", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78677", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78683", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78708", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.7869", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78682", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78709", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78705", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78733", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78741", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01172", "scoring_system": "epss", "scoring_elements": "0.78758", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14422" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14422" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854926", "reference_id": "1854926", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854926" }, { "reference_url": "https://security.gentoo.org/glsa/202008-01", "reference_id": "GLSA-202008-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4285", "reference_id": "RHSA-2020:4285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4299", "reference_id": "RHSA-2020:4299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4433", "reference_id": "RHSA-2020:4433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4641", "reference_id": "RHSA-2020:4641", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4641" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5010", "reference_id": "RHSA-2020:5010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5010" }, { "reference_url": "https://usn.ubuntu.com/4428-1/", "reference_id": "USN-4428-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4428-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2020-14422" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-efdj-sb7s-p3fk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81661?format=api", "vulnerability_id": "VCID-emku-csrd-4bg5", "summary": "python: unsafe dll loading in getpathp.c on Windows", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8315.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8315.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8315", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55173", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55296", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55278", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55328", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55329", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.5534", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55319", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.553", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55337", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55341", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.5532", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55257", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55277", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.5525", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8315" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855039", "reference_id": "1855039", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855039" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2020-8315" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-emku-csrd-4bg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50412?format=api", "vulnerability_id": "VCID-enav-dz7a-pqdq", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could lead to arbitrary code execution.", "references": [ { "reference_url": "http://bugs.python.org/issue21082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue21082" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00007.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2667.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2667.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18668", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18817", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18829", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18844", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18733", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18712", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18823", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18903", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18957", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18963", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18916", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18865", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22343", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22387", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22185", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2667" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201503-10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-10" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/03/28/15", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/03/28/15" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/03/29/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/03/29/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/03/30/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/03/30/4" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082177", "reference_id": "1082177", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082177" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2667", "reference_id": "CVE-2014-2667", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2667" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2014-2667" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-enav-dz7a-pqdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30515?format=api", "vulnerability_id": "VCID-ewbq-2gm8-tyf5", "summary": "Buffer overflow in sponge queue functions\n### Impact\n\nThe Keccak sponge function interface accepts partial inputs to be absorbed and partial outputs to be squeezed. A buffer can overflow when partial data with some specific sizes are queued, where at least one of them has a length of 2^32 - 200 bytes or more.\n\n### Patches\n\nYes, see commit [fdc6fef0](https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a).\n\n### Workarounds\n\nThe problem can be avoided by limiting the size of the partial input data (or partial output digest) below 2^32 - 200 bytes. Multiple calls to the queue system can be chained at a higher level to retain the original functionality. Alternatively, one can process the entire input (or produce the entire output) at once, avoiding the queuing functions altogether.\n\n### References\n\nSee [issue #105](https://github.com/XKCP/XKCP/issues/105) for more details.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37454.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37454.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37454", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79915", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79935", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79943", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.7996", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.7994", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79931", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79903", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.014", "scoring_system": "epss", "scoring_elements": "0.80444", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.014", "scoring_system": "epss", "scoring_elements": "0.80499", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.014", "scoring_system": "epss", "scoring_elements": "0.80482", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.014", "scoring_system": "epss", "scoring_elements": "0.80475", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.014", "scoring_system": "epss", "scoring_elements": "0.80449", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.014", "scoring_system": "epss", "scoring_elements": "0.80446", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37454" }, { "reference_url": "https://csrc.nist.gov/projects/hash-functions/sha-3-project", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://csrc.nist.gov/projects/hash-functions/sha-3-project" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454" }, { "reference_url": "https://eprint.iacr.org/2023/331", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://eprint.iacr.org/2023/331" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312" }, { "reference_url": "https://github.com/johanns/sha3/issues/17", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/johanns/sha3/issues/17" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml" }, { "reference_url": "https://github.com/tiran/pysha3/issues/29", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tiran/pysha3/issues/29" }, { "reference_url": "https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a" }, { "reference_url": "https://github.com/XKCP/XKCP/issues/105", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/XKCP/XKCP/issues/105" }, { "reference_url": "https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/" }, { "reference_url": "https://mouha.be/sha-3-buffer-overflow", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://mouha.be/sha-3-buffer-overflow" }, { "reference_url": "https://mouha.be/sha-3-buffer-overflow/", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://mouha.be/sha-3-buffer-overflow/" }, { "reference_url": "https://news.ycombinator.com/item?id=33281106", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://news.ycombinator.com/item?id=33281106" }, { "reference_url": "https://news.ycombinator.com/item?id=35050307", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://news.ycombinator.com/item?id=35050307" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37454", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37454" }, { "reference_url": "https://security.gentoo.org/glsa/202305-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://security.gentoo.org/glsa/202305-02" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5267", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5267" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5269", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5269" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030", "reference_id": "1023030", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140200", "reference_id": "2140200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140200" }, { "reference_url": "https://github.com/advisories/GHSA-6w4m-2xhg-2658", "reference_id": "GHSA-6w4m-2xhg-2658", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6w4m-2xhg-2658" }, { "reference_url": "https://security.gentoo.org/glsa/202211-03", "reference_id": "GLSA-202211-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202211-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0848", "reference_id": "RHSA-2023:0848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0965", "reference_id": "RHSA-2023:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2417", "reference_id": "RHSA-2023:2417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2903", "reference_id": "RHSA-2023:2903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2903" }, { "reference_url": "https://usn.ubuntu.com/5717-1/", "reference_id": "USN-5717-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5717-1/" }, { "reference_url": "https://usn.ubuntu.com/5767-1/", "reference_id": "USN-5767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5767-1/" }, { "reference_url": "https://usn.ubuntu.com/5767-3/", "reference_id": "USN-5767-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5767-3/" }, { "reference_url": "https://usn.ubuntu.com/5888-1/", "reference_id": "USN-5888-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5888-1/" }, { "reference_url": "https://usn.ubuntu.com/5930-1/", "reference_id": "USN-5930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5930-1/" }, { "reference_url": "https://usn.ubuntu.com/5931-1/", "reference_id": "USN-5931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5931-1/" }, { "reference_url": "https://usn.ubuntu.com/6524-1/", "reference_id": "USN-6524-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6524-1/" }, { "reference_url": "https://usn.ubuntu.com/6525-1/", "reference_id": "USN-6525-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6525-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2022-37454", "GHSA-6w4m-2xhg-2658" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewbq-2gm8-tyf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50411?format=api", "vulnerability_id": "VCID-ez5b-fvw8-hkh3", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1912.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1912.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.95985", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.95992", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.95999", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.96004", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.96013", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.96016", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.96019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.96021", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.96031", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.96036", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.96037", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.96038", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.23888", "scoring_system": "epss", "scoring_elements": "0.96039", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "reference_id": "1062370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062370" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31875.py", "reference_id": "CVE-2014-1912;OSVDB-102929", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31875.py" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1064", "reference_id": "RHSA-2015:1064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1330", "reference_id": "RHSA-2015:1330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1330" }, { "reference_url": "https://usn.ubuntu.com/2125-1/", "reference_id": "USN-2125-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2125-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936934?format=api", "purl": "pkg:deb/debian/python2.7@2.7.6-6?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.6-6%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2014-1912" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ez5b-fvw8-hkh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15630?format=api", "vulnerability_id": "VCID-f5vu-k9rc-27fz", "summary": "Improper Validation of Array Index\nArray index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.", "references": [ { "reference_url": "http://bugs.python.org/issue21529", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://bugs.python.org/issue21529" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/06/24/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://openwall.com/lists/oss-security/2014/06/24/7" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1064.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1064.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4616.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4616.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68247", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68098", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.6812", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68139", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68116", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68167", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68182", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68207", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68194", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68161", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68199", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.6821", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68192", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68235", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68243", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-4616" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1112285", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1112285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4616" }, { "reference_url": "https://github.com/simplejson/simplejson", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/simplejson/simplejson" }, { "reference_url": "https://hackerone.com/reports/12297", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://hackerone.com/reports/12297" }, { "reference_url": "https://security.gentoo.org/glsa/201503-10", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201503-10" }, { "reference_url": "http://www.securityfocus.com/bid/68119", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/68119" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4616", "reference_id": "CVE-2014-4616", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4616" }, { "reference_url": "https://github.com/advisories/GHSA-9772-cwx9-r4cj", "reference_id": "GHSA-9772-cwx9-r4cj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9772-cwx9-r4cj" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1064", "reference_id": "RHSA-2015:1064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2101", "reference_id": "RHSA-2015:2101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2101" }, { "reference_url": "https://usn.ubuntu.com/2653-1/", "reference_id": "USN-2653-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2653-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936935?format=api", "purl": "pkg:deb/debian/python2.7@2.7.7-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.7-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2014-4616", "GHSA-9772-cwx9-r4cj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f5vu-k9rc-27fz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86592?format=api", "vulnerability_id": "VCID-g81p-pg7g-xfcf", "summary": "python: wildcard matching rules do not follow RFC 6125", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7440.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7440.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7440", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.57994", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58011", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.57912", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.57997", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58019", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.57993", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58048", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58052", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58068", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58045", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58025", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58055", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00358", "scoring_system": "epss", "scoring_elements": "0.58032", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7440" }, { "reference_url": "https://bugs.python.org/issue17997", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue17997" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7440" }, { "reference_url": "http://seclists.org/oss-sec/2015/q2/483", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2015/q2/483" }, { "reference_url": "http://seclists.org/oss-sec/2015/q2/523", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2015/q2/523" }, { "reference_url": "https://hg.python.org/cpython/rev/10d0edadbcdd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hg.python.org/cpython/rev/10d0edadbcdd" }, { "reference_url": "http://www.securityfocus.com/bid/74707", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/74707" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1224999", "reference_id": "1224999", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1224999" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-7440", "reference_id": "CVE-2013-7440", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-7440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1166", "reference_id": "RHSA-2016:1166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1166" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936931?format=api", "purl": "pkg:deb/debian/python2.7@2.7.9-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2013-7440" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g81p-pg7g-xfcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56236?format=api", "vulnerability_id": "VCID-gfzb-b7tt-fkgz", "summary": "A buffer overflow in Python might allow remote attackers to cause a\n Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000030.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000030.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81483", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81495", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81517", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81514", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81542", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81548", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81568", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81555", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81586", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81587", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81592", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81614", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81622", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01576", "scoring_system": "epss", "scoring_elements": "0.81626", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000030" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000030", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000030" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541558", "reference_id": "1541558", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541558" }, { "reference_url": "https://security.gentoo.org/glsa/201811-02", "reference_id": "GLSA-201811-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-02" }, { "reference_url": "https://usn.ubuntu.com/3817-1/", "reference_id": "USN-3817-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3817-1/" }, { "reference_url": "https://usn.ubuntu.com/3817-2/", "reference_id": "USN-3817-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3817-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936941?format=api", "purl": "pkg:deb/debian/python2.7@2.7.14-5?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.14-5%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2018-1000030" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfzb-b7tt-fkgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62534?format=api", "vulnerability_id": "VCID-gkfp-ga1r-jkag", "summary": "A vulnerability in Python could lead to a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.87663", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.87643", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.8764", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.87658", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.87664", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.87598", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.87617", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.87624", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.87635", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.8763", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.87628", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03512", "scoring_system": "epss", "scoring_elements": "0.87642", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0363", "scoring_system": "epss", "scoring_elements": "0.87785", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0363", "scoring_system": "epss", "scoring_elements": "0.87796", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0363", "scoring_system": "epss", "scoring_elements": "0.87774", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809065", "reference_id": "1809065", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809065" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099", "reference_id": "970099", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099" }, { "reference_url": "https://security.gentoo.org/glsa/202005-09", "reference_id": "GLSA-202005-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3888", "reference_id": "RHSA-2020:3888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4285", "reference_id": "RHSA-2020:4285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4433", "reference_id": "RHSA-2020:4433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4641", "reference_id": "RHSA-2020:4641", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4641" }, { "reference_url": "https://usn.ubuntu.com/4333-1/", "reference_id": "USN-4333-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4333-1/" }, { "reference_url": "https://usn.ubuntu.com/4333-2/", "reference_id": "USN-4333-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4333-2/" }, { "reference_url": "https://usn.ubuntu.com/4754-3/", "reference_id": "USN-4754-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4754-3/" }, { "reference_url": "https://usn.ubuntu.com/5200-1/", "reference_id": "USN-5200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5200-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936947?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-2%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2020-8492" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gkfp-ga1r-jkag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78172?format=api", "vulnerability_id": "VCID-gxvd-xhmx-2uh9", "summary": "python: sensitive information can be obtained via the _asyncio._swap_current_task component.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59561", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59603", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59596", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59616", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59586", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59555", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59607", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.5962", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59639", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59622", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59602", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59635", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59642", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59626", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38898" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/105987", "reference_id": "105987", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-08T20:56:48Z/" } ], "url": "https://github.com/python/cpython/issues/105987" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233280", "reference_id": "2233280", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233280" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-38898" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gxvd-xhmx-2uh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73081?format=api", "vulnerability_id": "VCID-hcq4-yq9k-jygb", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000802.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22336", "scoring_system": "epss", "scoring_elements": "0.95838", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.22336", "scoring_system": "epss", "scoring_elements": "0.95828", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.22336", "scoring_system": "epss", "scoring_elements": "0.95833", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.22336", "scoring_system": "epss", "scoring_elements": "0.95836", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.22336", "scoring_system": "epss", "scoring_elements": "0.95797", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.22336", "scoring_system": "epss", "scoring_elements": "0.958", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.22336", "scoring_system": "epss", "scoring_elements": "0.95808", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.22336", "scoring_system": "epss", "scoring_elements": "0.95812", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.22336", "scoring_system": "epss", "scoring_elements": "0.95815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.22336", "scoring_system": "epss", "scoring_elements": "0.95817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.23201", "scoring_system": "epss", "scoring_elements": "0.95911", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.23201", "scoring_system": "epss", "scoring_elements": "0.95903", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631420", "reference_id": "1631420", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631420" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909673", "reference_id": "909673", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909673" }, { "reference_url": "https://usn.ubuntu.com/3817-1/", "reference_id": "USN-3817-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3817-1/" }, { "reference_url": "https://usn.ubuntu.com/3817-2/", "reference_id": "USN-3817-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3817-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936942?format=api", "purl": "pkg:deb/debian/python2.7@2.7.15-5?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.15-5%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2018-1000802" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hcq4-yq9k-jygb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51185?format=api", "vulnerability_id": "VCID-hgwh-tzsf-suc1", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0772.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0772.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90443", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90459", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90464", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90476", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90482", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.9049", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90483", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.905", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90499", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90512", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90511", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.05778", "scoring_system": "epss", "scoring_elements": "0.90509", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303647", "reference_id": "1303647", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303647" }, { "reference_url": "https://github.com/tintinweb/pub/tree/11f6ebda59ad878377df78351f8ab580660d0024/pocs/cve-2016-0772", "reference_id": "CVE-2016-0772", "reference_type": "exploit", "scores": [], "url": "https://github.com/tintinweb/pub/tree/11f6ebda59ad878377df78351f8ab580660d0024/pocs/cve-2016-0772" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43500.txt", "reference_id": "CVE-2016-0772", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43500.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201701-18", "reference_id": "GLSA-201701-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1626", "reference_id": "RHSA-2016:1626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1627", "reference_id": "RHSA-2016:1627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1628", "reference_id": "RHSA-2016:1628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1629", "reference_id": "RHSA-2016:1629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1630", "reference_id": "RHSA-2016:1630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1630" }, { "reference_url": "https://usn.ubuntu.com/3134-1/", "reference_id": "USN-3134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936937?format=api", "purl": "pkg:deb/debian/python2.7@2.7.12~rc1-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.12~rc1-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2016-0772" ], "risk_score": 8.6, "exploitability": "2.0", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hgwh-tzsf-suc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73711?format=api", "vulnerability_id": "VCID-hssa-umby-eud3", "summary": "python: local privilege escalation via search path in Windows", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26488.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26488.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26488", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.81715", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.81712", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.81739", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.81743", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.81763", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.8175", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.81744", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.81782", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.81783", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01607", "scoring_system": "epss", "scoring_elements": "0.81786", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01669", "scoring_system": "epss", "scoring_elements": "0.82055", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82374", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82359", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.8237", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26488" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316527", "reference_id": "2316527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316527" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2022-26488" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hssa-umby-eud3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42642?format=api", "vulnerability_id": "VCID-hz5k-rky7-nucg", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41105.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41105.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-41105", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58339", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58342", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58388", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58369", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58401", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58406", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58383", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58345", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58356", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58359", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58333", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58385", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58409", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-41105" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/pull/107981", "reference_id": "107981", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/" } ], "url": "https://github.com/python/cpython/pull/107981" }, { "reference_url": "https://github.com/python/cpython/pull/107982", "reference_id": "107982", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/" } ], "url": "https://github.com/python/cpython/pull/107982" }, { "reference_url": "https://github.com/python/cpython/pull/107983", "reference_id": "107983", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/" } ], "url": "https://github.com/python/cpython/pull/107983" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235795", "reference_id": "2235795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235795" }, { "reference_url": "https://mail.python.org/archives/list/security-announce%40python.org/thread/D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD/", "reference_id": "D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/" } ], "url": "https://mail.python.org/archives/list/security-announce%40python.org/thread/D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD/" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231006-0015/", "reference_id": "ntap-20231006-0015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:01:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231006-0015/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6494", "reference_id": "RHSA-2023:6494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7024", "reference_id": "RHSA-2023:7024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7024" }, { "reference_url": "https://usn.ubuntu.com/6547-1/", "reference_id": "USN-6547-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6547-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-41105" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hz5k-rky7-nucg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63532?format=api", "vulnerability_id": "VCID-j9s6-2y47-zbbt", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1260", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1260" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1061.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1061.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1061", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01476", "scoring_system": "epss", "scoring_elements": "0.80908", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01476", "scoring_system": "epss", "scoring_elements": "0.80972", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01476", "scoring_system": "epss", "scoring_elements": "0.80917", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01476", "scoring_system": "epss", "scoring_elements": "0.80939", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01476", "scoring_system": "epss", "scoring_elements": "0.80937", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01476", "scoring_system": "epss", "scoring_elements": "0.80964", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01476", "scoring_system": "epss", "scoring_elements": "0.80988", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01476", "scoring_system": "epss", "scoring_elements": "0.80974", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01476", "scoring_system": "epss", "scoring_elements": "0.80966", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01476", "scoring_system": "epss", "scoring_elements": "0.81003", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81699", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81724", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81733", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81739", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81695", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1061" }, { "reference_url": "https://bugs.python.org/issue32981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue32981" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647" }, { "reference_url": "https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1" }, { "reference_url": "https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4306" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4307" }, { "reference_url": "http://www.securitytracker.com/id/1042001", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1042001" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549192", "reference_id": "1549192", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549192" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.7.0:alpha1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.7.0:alpha2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.7.0:alpha3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.7.0:alpha4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.7.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.7.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.7.0:beta3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.7.0:beta4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.7.0:beta5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.7.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1061", "reference_id": "CVE-2018-1061", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3041", "reference_id": "RHSA-2018:3041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3725", "reference_id": "RHSA-2019:3725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1268", "reference_id": "RHSA-2020:1268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1346", "reference_id": "RHSA-2020:1346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1346" }, { "reference_url": "https://usn.ubuntu.com/3817-1/", "reference_id": "USN-3817-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3817-1/" }, { "reference_url": "https://usn.ubuntu.com/3817-2/", "reference_id": "USN-3817-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3817-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936943?format=api", "purl": "pkg:deb/debian/python2.7@2.7.14-7?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.14-7%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2018-1061" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j9s6-2y47-zbbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59780?format=api", "vulnerability_id": "VCID-k18q-3e9y-ykgf", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html" }, { "reference_url": "http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3335", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3335" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9948.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9948.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76418", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76562", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76509", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76542", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76548", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76421", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.7645", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76431", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76464", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76477", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76503", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76481", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76518", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0096", "scoring_system": "epss", "scoring_elements": "0.76521", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9948" }, { "reference_url": "https://bugs.python.org/issue35907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue35907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/pull/11842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/python/cpython/pull/11842" }, { "reference_url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Oct/29", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Oct/29" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190404-0004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190404-0004/" }, { "reference_url": "http://www.securityfocus.com/bid/107549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107549" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695570", "reference_id": "1695570", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695570" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9948", "reference_id": "CVE-2019-9948", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:N" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9948" }, { "reference_url": "https://security.gentoo.org/glsa/202003-26", "reference_id": "GLSA-202003-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1700", "reference_id": "RHSA-2019:1700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2030", "reference_id": "RHSA-2019:2030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3520", "reference_id": "RHSA-2019:3520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3725", "reference_id": "RHSA-2019:3725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1268", "reference_id": "RHSA-2020:1268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1346", "reference_id": "RHSA-2020:1346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1462", "reference_id": "RHSA-2020:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1462" }, { "reference_url": "https://usn.ubuntu.com/4127-1/", "reference_id": "USN-4127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-1/" }, { "reference_url": "https://usn.ubuntu.com/4127-2/", "reference_id": "USN-4127-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936949?format=api", "purl": "pkg:deb/debian/python2.7@2.7.16-2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2019-9948" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k18q-3e9y-ykgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87205?format=api", "vulnerability_id": "VCID-m7bx-qd2f-4qc9", "summary": "python: distutils creates ~/.pypirc insecurely", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555" }, { "reference_url": "http://bugs.python.org/file23824/pypirc-secure.diff", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/file23824/pypirc-secure.diff" }, { "reference_url": "http://bugs.python.org/issue13512", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue13512" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4944.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4944.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09011", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08915", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08897", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09047", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09093", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08955", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09034", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09067", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09069", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09035", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09021", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1043", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10498", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10311", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4944" }, { "reference_url": "http://secunia.com/advisories/50858", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/50858" }, { "reference_url": "http://secunia.com/advisories/51024", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51024" }, { "reference_url": "http://secunia.com/advisories/51040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51040" }, { "reference_url": "http://secunia.com/advisories/51087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51087" }, { "reference_url": "http://secunia.com/advisories/51089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51089" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/03/27/10", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/10" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/03/27/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/03/27/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/03/27/5" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1592-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1592-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1596-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1596-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1613-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1613-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1613-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1615-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1615-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1616-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1616-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555", "reference_id": "650555", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=758905", "reference_id": "758905", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=758905" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4944", "reference_id": "CVE-2011-4944", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0744", "reference_id": "RHSA-2012:0744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0745", "reference_id": "RHSA-2012:0745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0745" }, { "reference_url": "https://usn.ubuntu.com/1592-1/", "reference_id": "USN-1592-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1592-1/" }, { "reference_url": "https://usn.ubuntu.com/1596-1/", "reference_id": "USN-1596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1596-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-1/", "reference_id": "USN-1613-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-2/", "reference_id": "USN-1613-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-2/" }, { "reference_url": "https://usn.ubuntu.com/1615-1/", "reference_id": "USN-1615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1615-1/" }, { "reference_url": "https://usn.ubuntu.com/1616-1/", "reference_id": "USN-1616-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1616-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936930?format=api", "purl": "pkg:deb/debian/python2.7@2.7.3~rc2-2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.3~rc2-2%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2011-4944" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m7bx-qd2f-4qc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50413?format=api", "vulnerability_id": "VCID-mzd5-dwty-bqhf", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could lead to arbitrary code execution.", "references": [ { "reference_url": "http://bugs.python.org/issue21831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue21831" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1064.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1064.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1330.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1330.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7185.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7185.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75263", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75142", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75145", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75176", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75152", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75186", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75198", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75219", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75197", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75185", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75222", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75228", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75218", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75255", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0087", "scoring_system": "epss", "scoring_elements": "0.75259", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96193", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96193" }, { "reference_url": "https://security.gentoo.org/glsa/201503-10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201503-10" }, { "reference_url": "https://support.apple.com/kb/HT205031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT205031" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/09/23/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/09/23/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/09/25/47", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/09/25/47" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/70089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70089" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1146026", "reference_id": "1146026", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1146026" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763848", "reference_id": "763848", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763848" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7185", "reference_id": "CVE-2014-7185", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1064", "reference_id": "RHSA-2015:1064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1330", "reference_id": "RHSA-2015:1330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2101", "reference_id": "RHSA-2015:2101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2101" }, { "reference_url": "https://usn.ubuntu.com/2653-1/", "reference_id": "USN-2653-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2653-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936936?format=api", "purl": "pkg:deb/debian/python2.7@2.7.8-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.8-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2014-7185" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mzd5-dwty-bqhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/218347?format=api", "vulnerability_id": "VCID-n5bc-vs4j-nfdp", "summary": "In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15523", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30192", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30272", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30089", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30149", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30185", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30188", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30144", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30094", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30109", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30043", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29974", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29858", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29791", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15523" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2020-15523" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n5bc-vs4j-nfdp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87802?format=api", "vulnerability_id": "VCID-nvmn-jbw1-47cq", "summary": "python: rgbimg: multiple security issues", "references": [ { "reference_url": "http://bugs.python.org/issue8678", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue8678" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4134.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4134.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4134", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85703", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85572", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85584", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85601", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85627", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85638", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85653", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85649", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85645", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85668", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85673", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.8569", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02612", "scoring_system": "epss", "scoring_elements": "0.85701", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4134" }, { "reference_url": "http://secunia.com/advisories/42888", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42888" }, { "reference_url": "http://secunia.com/advisories/43068", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43068" }, { "reference_url": "http://secunia.com/advisories/43364", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43364" }, { "reference_url": "http://support.apple.com/kb/HT4435", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT4435" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:215" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0260.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0260.html" }, { "reference_url": "http://www.securityfocus.com/bid/40361", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40361" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0122", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0122" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0413", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0413" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=541698", "reference_id": "541698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541698" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4134", "reference_id": "CVE-2009-4134", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0027", "reference_id": "RHSA-2011:0027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0260", "reference_id": "RHSA-2011:0260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0260" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2009-4134" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nvmn-jbw1-47cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83267?format=api", "vulnerability_id": "VCID-ppqx-qup8-sqbz", "summary": "python: email.utils.parseaddr wrongly parses email addresses", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16056.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16056.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16056", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00899", "scoring_system": "epss", "scoring_elements": "0.75591", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00899", "scoring_system": "epss", "scoring_elements": "0.75649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00899", "scoring_system": "epss", "scoring_elements": "0.75594", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00899", "scoring_system": "epss", "scoring_elements": "0.75624", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00899", "scoring_system": "epss", "scoring_elements": "0.75604", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00899", "scoring_system": "epss", "scoring_elements": "0.75638", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00899", "scoring_system": "epss", "scoring_elements": "0.75674", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01217", "scoring_system": "epss", "scoring_elements": "0.79088", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01217", "scoring_system": "epss", "scoring_elements": "0.79057", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01217", "scoring_system": "epss", "scoring_elements": "0.79055", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01217", "scoring_system": "epss", "scoring_elements": "0.79094", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01217", "scoring_system": "epss", "scoring_elements": "0.7911", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01217", "scoring_system": "epss", "scoring_elements": "0.79042", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01217", "scoring_system": "epss", "scoring_elements": "0.79032", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01217", "scoring_system": "epss", "scoring_elements": "0.7906", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16056" }, { "reference_url": "https://bugs.python.org/issue34155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue34155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9" }, { "reference_url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190926-0005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190926-0005/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749839", "reference_id": "1749839", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749839" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940901", "reference_id": "940901", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940901" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", "reference_id": "CVE-2019-16056", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3725", "reference_id": "RHSA-2019:3725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3948", "reference_id": "RHSA-2019:3948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1131", "reference_id": "RHSA-2020:1131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1132", "reference_id": "RHSA-2020:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1605", "reference_id": "RHSA-2020:1605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1764", "reference_id": "RHSA-2020:1764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1764" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2520", "reference_id": "RHSA-2020:2520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2520" }, { "reference_url": "https://usn.ubuntu.com/4151-1/", "reference_id": "USN-4151-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4151-1/" }, { "reference_url": "https://usn.ubuntu.com/4151-2/", "reference_id": "USN-4151-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4151-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936945?format=api", "purl": "pkg:deb/debian/python2.7@2.7.17~rc1-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.17~rc1-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2019-16056" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ppqx-qup8-sqbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69467?format=api", "vulnerability_id": "VCID-q6g1-cjz3-77e4", "summary": "cpython: Tarfile extracts filtered members when errorlevel=0", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4435.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67725", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67642", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67622", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67673", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67688", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67711", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67696", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67663", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67699", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67712", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67692", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00541", "scoring_system": "epss", "scoring_elements": "0.67723", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4435" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/135034", "reference_id": "135034", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/issues/135034" }, { "reference_url": "https://github.com/python/cpython/pull/135037", "reference_id": "135037", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/pull/135037" }, { "reference_url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da", "reference_id": "19de092debb3d7e832e5672cc2f7b788d35951da", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/19de092debb3d7e832e5672cc2f7b788d35951da" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370010", "reference_id": "2370010", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370010" }, { "reference_url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9", "reference_id": "28463dba112af719df1e8b0391c46787ad756dd9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/28463dba112af719df1e8b0391c46787ad756dd9" }, { "reference_url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_id": "3612d8f51741b11f36f8fb0494d79086bac9390a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a" }, { "reference_url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_id": "4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/4633f3f497b1ff70e4a35b6fe2c907cbe2d4cb2e" }, { "reference_url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a", "reference_id": "9c1110ef6652687d7c55f590f909720eddde965a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/9c1110ef6652687d7c55f590f909720eddde965a" }, { "reference_url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_id": "9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a" }, { "reference_url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_id": "aa9eb5f757ceff461e6e996f12c89e5d9b583b01", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/aa9eb5f757ceff461e6e996f12c89e5d9b583b01" }, { "reference_url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_id": "dd8f187d0746da151e0025c51680979ac5b4cfb1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://github.com/python/cpython/commit/dd8f187d0746da151e0025c51680979ac5b4cfb1" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/", "reference_id": "MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T13:58:00Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10026", "reference_id": "RHSA-2025:10026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10028", "reference_id": "RHSA-2025:10028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10031", "reference_id": "RHSA-2025:10031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10128", "reference_id": "RHSA-2025:10128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10136", "reference_id": "RHSA-2025:10136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10140", "reference_id": "RHSA-2025:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10148", "reference_id": "RHSA-2025:10148", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10148" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10189", "reference_id": "RHSA-2025:10189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10399", "reference_id": "RHSA-2025:10399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10484", "reference_id": "RHSA-2025:10484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10602", "reference_id": "RHSA-2025:10602", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9918", "reference_id": "RHSA-2025:9918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9918" }, { "reference_url": "https://usn.ubuntu.com/7583-1/", "reference_id": "USN-7583-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7583-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2025-4435" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6g1-cjz3-77e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87803?format=api", "vulnerability_id": "VCID-rnkj-2dgz-kuah", "summary": "python: rgbimg: multiple security issues", "references": [ { "reference_url": "http://bugs.python.org/issue8678", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue8678" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1449.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1449.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.88102", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.8801", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.8802", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.88034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.8804", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.88059", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.88065", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.88076", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.88068", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.88069", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.88083", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.8808", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.88098", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03785", "scoring_system": "epss", "scoring_elements": "0.88103", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1449" }, { "reference_url": "http://secunia.com/advisories/42888", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42888" }, { "reference_url": "http://secunia.com/advisories/43068", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43068" }, { "reference_url": "http://secunia.com/advisories/43364", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43364" }, { "reference_url": "http://support.apple.com/kb/HT4435", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT4435" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:215" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0260.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0260.html" }, { "reference_url": "http://www.securityfocus.com/bid/40363", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40363" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0122", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0122" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0413", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0413" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=541698", "reference_id": "541698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541698" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1449", "reference_id": "CVE-2010-1449", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0027", "reference_id": "RHSA-2011:0027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0260", "reference_id": "RHSA-2011:0260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0260" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2010-1449" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rnkj-2dgz-kuah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175412?format=api", "vulnerability_id": "VCID-s2wz-ghk2-kkg3", "summary": "Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2122", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2143", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21262", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21324", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21334", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21293", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2124", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21233", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21242", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21219", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21088", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2109", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21065", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000117" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2018-1000117" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s2wz-ghk2-kkg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42638?format=api", "vulnerability_id": "VCID-s7qf-hjkq-wkdy", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6507.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6507.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6507", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.23997", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24166", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24232", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24276", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24293", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24193", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24209", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24197", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24174", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2405", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24382", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27973", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6507" }, { "reference_url": "https://github.com/python/cpython/commit/10e9bb13b8dcaa414645b9bd10718d8f7179e82b", "reference_id": "10e9bb13b8dcaa414645b9bd10718d8f7179e82b", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/" } ], "url": "https://github.com/python/cpython/commit/10e9bb13b8dcaa414645b9bd10718d8f7179e82b" }, { "reference_url": "https://github.com/python/cpython/issues/112334", "reference_id": "112334", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/" } ], "url": "https://github.com/python/cpython/issues/112334" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293948", "reference_id": "2293948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293948" }, { "reference_url": "https://github.com/python/cpython/commit/85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06", "reference_id": "85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/" } ], "url": "https://github.com/python/cpython/commit/85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06" }, { "reference_url": "https://github.com/python/cpython/commit/9fe7655c6ce0b8e9adc229daf681b6d30e6b1610", "reference_id": "9fe7655c6ce0b8e9adc229daf681b6d30e6b1610", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/" } ], "url": "https://github.com/python/cpython/commit/9fe7655c6ce0b8e9adc229daf681b6d30e6b1610" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/", "reference_id": "AUL7QFHBLILGISS7U63B47AYSSGJJQZD", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-6507" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s7qf-hjkq-wkdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/223883?format=api", "vulnerability_id": "VCID-sbe1-cx8r-aba1", "summary": "On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you’re not using Windows or haven’t changed the temporary directory location then you aren’t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix “700” for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06838", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06895", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06923", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.069", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06723", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06916", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06772", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0678", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0677", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06756", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06808", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06846", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0685", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06844", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4030" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/118486", "reference_id": "118486", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/issues/118486" }, { "reference_url": "https://github.com/python/cpython/commit/35c799d79177b962ddace2fa068101465570a29a", "reference_id": "35c799d79177b962ddace2fa068101465570a29a", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/35c799d79177b962ddace2fa068101465570a29a" }, { "reference_url": "https://github.com/python/cpython/commit/5130731c9e779b97d00a24f54cdce73ce9975dfd", "reference_id": "5130731c9e779b97d00a24f54cdce73ce9975dfd", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/5130731c9e779b97d00a24f54cdce73ce9975dfd" }, { "reference_url": "https://github.com/python/cpython/commit/66f8bb76a15e64a1bb7688b177ed29e26230fdee", "reference_id": "66f8bb76a15e64a1bb7688b177ed29e26230fdee", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/66f8bb76a15e64a1bb7688b177ed29e26230fdee" }, { "reference_url": "https://github.com/python/cpython/commit/6d0850c4c8188035643586ab4d8ec2468abd699e", "reference_id": "6d0850c4c8188035643586ab4d8ec2468abd699e", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/6d0850c4c8188035643586ab4d8ec2468abd699e" }, { "reference_url": "https://github.com/python/cpython/commit/81939dad77001556c527485d31a2d0f4a759033e", "reference_id": "81939dad77001556c527485d31a2d0f4a759033e", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/81939dad77001556c527485d31a2d0f4a759033e" }, { "reference_url": "https://github.com/python/cpython/commit/8ed546679524140d8282175411fd141fe7df070d", "reference_id": "8ed546679524140d8282175411fd141fe7df070d", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/8ed546679524140d8282175411fd141fe7df070d" }, { "reference_url": "https://github.com/python/cpython/commit/91e3669e01245185569d09e9e6e11641282971ee", "reference_id": "91e3669e01245185569d09e9e6e11641282971ee", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/91e3669e01245185569d09e9e6e11641282971ee" }, { "reference_url": "https://github.com/python/cpython/commit/94591dca510c796c7d40e9b4167ea56f2fdf28ca", "reference_id": "94591dca510c796c7d40e9b4167ea56f2fdf28ca", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/94591dca510c796c7d40e9b4167ea56f2fdf28ca" }, { "reference_url": "https://github.com/python/cpython/commit/c8f868dc52f98011d0f9b459b6487920bfb0ac4d", "reference_id": "c8f868dc52f98011d0f9b459b6487920bfb0ac4d", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/c8f868dc52f98011d0f9b459b6487920bfb0ac4d" }, { "reference_url": "https://github.com/python/cpython/commit/d86b49411753bf2c83291e3a14ae43fefded2f84", "reference_id": "d86b49411753bf2c83291e3a14ae43fefded2f84", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/d86b49411753bf2c83291e3a14ae43fefded2f84" }, { "reference_url": "https://github.com/python/cpython/commit/e1dfa978b1ad210d551385ad8073ec6154f53763", "reference_id": "e1dfa978b1ad210d551385ad8073ec6154f53763", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/e1dfa978b1ad210d551385ad8073ec6154f53763" }, { "reference_url": "https://github.com/python/cpython/commit/eb29e2f5905da93333d1ce78bc98b151e763ff46", "reference_id": "eb29e2f5905da93333d1ce78bc98b151e763ff46", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://github.com/python/cpython/commit/eb29e2f5905da93333d1ce78bc98b151e763ff46" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240705-0005/", "reference_id": "ntap-20240705-0005", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240705-0005/" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636/", "reference_id": "PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T15:32:37Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PRGS5OR3N3PNPT4BMV2VAGN5GMUI5636/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-4030" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sbe1-cx8r-aba1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73076?format=api", "vulnerability_id": "VCID-tbuw-2msj-tqd9", "summary": "python: Virtual environment (venv) activation scripts don't quote paths", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9287.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9287.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9287", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19167", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19545", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19591", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19864", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.1976", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19753", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19835", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19915", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19969", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19987", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19944", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19885", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19862", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19866", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9287" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089117", "reference_id": "1089117", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089117" }, { "reference_url": "https://github.com/python/cpython/issues/124651", "reference_id": "124651", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/issues/124651" }, { "reference_url": "https://github.com/python/cpython/pull/124712", "reference_id": "124712", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/pull/124712" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2321440", "reference_id": "2321440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2321440" }, { "reference_url": "https://github.com/python/cpython/commit/633555735a023d3e4d92ba31da35b1205f9ecbd7", "reference_id": "633555735a023d3e4d92ba31da35b1205f9ecbd7", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/633555735a023d3e4d92ba31da35b1205f9ecbd7" }, { "reference_url": "https://github.com/python/cpython/commit/8450b2482586857d689b6658f08de9c8179af7db", "reference_id": "8450b2482586857d689b6658f08de9c8179af7db", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/8450b2482586857d689b6658f08de9c8179af7db" }, { "reference_url": "https://github.com/python/cpython/commit/9286ab3a107ea41bd3f3c3682ce2512692bdded8", "reference_id": "9286ab3a107ea41bd3f3c3682ce2512692bdded8", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/9286ab3a107ea41bd3f3c3682ce2512692bdded8" }, { "reference_url": "https://github.com/python/cpython/commit/ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97", "reference_id": "ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97" }, { "reference_url": "https://github.com/python/cpython/commit/d48cc82ed25e26b02eb97c6263d95dcaa1e9111b", "reference_id": "d48cc82ed25e26b02eb97c6263d95dcaa1e9111b", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/d48cc82ed25e26b02eb97c6263d95dcaa1e9111b" }, { "reference_url": "https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483", "reference_id": "e52095a0c1005a87eed2276af7a1f2f66e2b6483", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10779", "reference_id": "RHSA-2024:10779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10978", "reference_id": "RHSA-2024:10978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10979", "reference_id": "RHSA-2024:10979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10980", "reference_id": "RHSA-2024:10980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10983", "reference_id": "RHSA-2024:10983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11024", "reference_id": "RHSA-2024:11024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11035", "reference_id": "RHSA-2024:11035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11111", "reference_id": "RHSA-2024:11111", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11111" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0280", "reference_id": "RHSA-2025:0280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/", "reference_id": "RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/" }, { "reference_url": "https://usn.ubuntu.com/7116-1/", "reference_id": "USN-7116-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7116-1/" }, { "reference_url": "https://usn.ubuntu.com/7348-1/", "reference_id": "USN-7348-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7348-1/" }, { "reference_url": "https://usn.ubuntu.com/7488-1/", "reference_id": "USN-7488-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7488-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-9287" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbuw-2msj-tqd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50772?format=api", "vulnerability_id": "VCID-tyk4-kazt-kydj", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20907.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20907.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20907", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55257", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.5538", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55358", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55408", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55419", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55397", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55379", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55414", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55418", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55336", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55357", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55329", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856481", "reference_id": "1856481", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856481" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099", "reference_id": "970099", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099" }, { "reference_url": "https://security.gentoo.org/glsa/202008-01", "reference_id": "GLSA-202008-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202008-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4273", "reference_id": "RHSA-2020:4273", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4273" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4285", "reference_id": "RHSA-2020:4285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4299", "reference_id": "RHSA-2020:4299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4433", "reference_id": "RHSA-2020:4433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4641", "reference_id": "RHSA-2020:4641", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4641" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4654", "reference_id": "RHSA-2020:4654", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4654" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5009", "reference_id": "RHSA-2020:5009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5010", "reference_id": "RHSA-2020:5010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0528", "reference_id": "RHSA-2021:0528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0761", "reference_id": "RHSA-2021:0761", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0761" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0881", "reference_id": "RHSA-2021:0881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4428-1/", "reference_id": "USN-4428-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4428-1/" }, { "reference_url": "https://usn.ubuntu.com/4754-3/", "reference_id": "USN-4754-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4754-3/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936947?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-2%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2019-20907" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tyk4-kazt-kydj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85004?format=api", "vulnerability_id": "VCID-ugfy-dufq-hfb2", "summary": "CGIHandler: sets environmental variable based on user supplied Proxy request header", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000110.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000110.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.90627", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.90614", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.9063", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.90632", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.90572", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.9058", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.90591", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.90598", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.90607", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.90601", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.9062", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05904", "scoring_system": "epss", "scoring_elements": "0.90617", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09899", "scoring_system": "epss", "scoring_elements": "0.92986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09899", "scoring_system": "epss", "scoring_elements": "0.92978", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1000110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1357334", "reference_id": "1357334", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1357334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1626", "reference_id": "RHSA-2016:1626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1627", "reference_id": "RHSA-2016:1627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1628", "reference_id": "RHSA-2016:1628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1629", "reference_id": "RHSA-2016:1629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1630", "reference_id": "RHSA-2016:1630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1630" }, { "reference_url": "https://usn.ubuntu.com/3134-1/", "reference_id": "USN-3134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936938?format=api", "purl": "pkg:deb/debian/python2.7@2.7.12-2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.12-2%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2016-1000110" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ugfy-dufq-hfb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/294729?format=api", "vulnerability_id": "VCID-v6ry-7xxz-nbeu", "summary": "CPython v3.12.0 alpha 7 was discovered to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33595", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20077", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25541", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25313", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25381", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25426", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25437", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25396", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25342", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25349", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25341", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.2531", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25272", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25263", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25218", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33595" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-33595" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6ry-7xxz-nbeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82060?format=api", "vulnerability_id": "VCID-v84j-ugn9-w3c8", "summary": "python: XSS vulnerability in the documentation XML-RPC server in server_title field", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84528", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84666", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84627", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84654", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84663", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84542", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84564", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84567", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84589", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84595", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84614", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84609", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84605", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02256", "scoring_system": "epss", "scoring_elements": "0.84625", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16935" }, { "reference_url": "https://bugs.python.org/issue38243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue38243" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897" }, { "reference_url": "https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213" }, { "reference_url": "https://github.com/python/cpython/pull/16373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/python/cpython/pull/16373" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191017-0004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20191017-0004/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149", "reference_id": "1027149", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1763229", "reference_id": "1763229", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1763229" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16935", "reference_id": "CVE-2019-16935", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1605", "reference_id": "RHSA-2020:1605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3888", "reference_id": "RHSA-2020:3888", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3888" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3911", "reference_id": "RHSA-2020:3911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4285", "reference_id": "RHSA-2020:4285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4433", "reference_id": "RHSA-2020:4433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4151-1/", "reference_id": "USN-4151-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4151-1/" }, { "reference_url": "https://usn.ubuntu.com/4151-2/", "reference_id": "USN-4151-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4151-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936945?format=api", "purl": "pkg:deb/debian/python2.7@2.7.17~rc1-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.17~rc1-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2019-16935" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v84j-ugn9-w3c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38909?format=api", "vulnerability_id": "VCID-vpwj-d49q-1uh8", "summary": "Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79807", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79857", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79889", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79886", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79835", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79823", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79852", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.7986", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79882", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79865", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79885", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79815", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79941", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79924", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79918", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047376", "reference_id": "2047376", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047376" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/", "reference_id": "CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/" }, { "reference_url": "https://bugs.python.org/issue43882", "reference_id": "issue43882", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/" } ], "url": "https://bugs.python.org/issue43882" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220225-0009/", "reference_id": "ntap-20220225-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220225-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1663", "reference_id": "RHSA-2022:1663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1764", "reference_id": "RHSA-2022:1764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1764" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1821", "reference_id": "RHSA-2022:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6457", "reference_id": "RHSA-2022:6457", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6457" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/", "reference_id": "UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/" }, { "reference_url": "https://usn.ubuntu.com/5342-1/", "reference_id": "USN-5342-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5342-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5342-2/", "reference_id": "USN-USN-5342-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5342-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2022-0391" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vpwj-d49q-1uh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36442?format=api", "vulnerability_id": "VCID-w6k8-js68-87g4", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which might allow attackers to access sensitive information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23336", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53385", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53379", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53342", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53358", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53323", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53374", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53329", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53276", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54301", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54251", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54311", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54336", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54271", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54321", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54358", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23336" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928904", "reference_id": "1928904", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928904" }, { "reference_url": "https://github.com/python/cpython/pull/24297", "reference_id": "24297", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://github.com/python/cpython/pull/24297" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/", "reference_id": "3EPYWWFDV22CJ5AOH5VCE72DOASZZ255", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/", "reference_id": "3YKKDLXL3UEZ3J426C2XTBS63AHE46SM", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/02/19/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/02/19/4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/", "reference_id": "46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090", "reference_id": "983090", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090" }, { "reference_url": "https://security.archlinux.org/ASA-202102-28", "reference_id": "ASA-202102-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-28" }, { "reference_url": "https://security.archlinux.org/ASA-202102-37", "reference_id": "ASA-202102-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202102-37" }, { "reference_url": "https://security.archlinux.org/AVG-1465", "reference_id": "AVG-1465", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1465" }, { "reference_url": "https://security.archlinux.org/AVG-1593", "reference_id": "AVG-1593", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1593" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23336", "reference_id": "CVE-2021-23336", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23336" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/", "reference_id": "FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/" }, { "reference_url": "https://security.gentoo.org/glsa/202104-04", "reference_id": "GLSA-202104-04", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://security.gentoo.org/glsa/202104-04" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/", "reference_id": "HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/", "reference_id": "HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/", "reference_id": "IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/", "reference_id": "KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/", "reference_id": "LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/", "reference_id": "MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/", "reference_id": "MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html", "reference_id": "msg00030.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/", "reference_id": "N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/", "reference_id": "NJSCSN722JO2E2AGPWD4NTGVELVRPB4R", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/", "reference_id": "NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210326-0004/", "reference_id": "ntap-20210326-0004", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210326-0004/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/", "reference_id": "OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/" }, { "reference_url": "https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E", "reference_id": "rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1633", "reference_id": "RHSA-2021:1633", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3252", "reference_id": "RHSA-2021:3252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4151", "reference_id": "RHSA-2021:4151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4162", "reference_id": "RHSA-2021:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4162" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/", "reference_id": "RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/", "reference_id": "SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/" }, { "reference_url": "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933", "reference_id": "SNYK-UPSTREAM-PYTHONCPYTHON-1074933", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/", "reference_id": "TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/" }, { "reference_url": "https://usn.ubuntu.com/4742-1/", "reference_id": "USN-4742-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4742-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/", "reference_id": "W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2021-23336" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6k8-js68-87g4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86971?format=api", "vulnerability_id": "VCID-w85n-mm5g-5yd1", "summary": "python: XMLRPC library unrestricted decompression of HTTP responses using gzip enconding", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1753.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58918", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58903", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58902", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63793", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63843", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63747", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63875", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63827", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63862", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63871", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63861", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63835", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1753" }, { "reference_url": "https://bugs.python.org/issue16043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue16043" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1753" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1046170", "reference_id": "1046170", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1046170" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742929", "reference_id": "742929", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742929" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1753", "reference_id": "CVE-2013-1753", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1064", "reference_id": "RHSA-2015:1064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2101", "reference_id": "RHSA-2015:2101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2101" }, { "reference_url": "https://usn.ubuntu.com/2653-1/", "reference_id": "USN-2653-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2653-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936931?format=api", "purl": "pkg:deb/debian/python2.7@2.7.9-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2013-1753" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w85n-mm5g-5yd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34875?format=api", "vulnerability_id": "VCID-wa9f-nvnp-euce", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which allow remote attackers to cause a Denial of Service condition.", "references": [ { "reference_url": "http://bugs.python.org/issue7673", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue7673" }, { "reference_url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2089.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2089.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2089", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09965", "scoring_system": "epss", "scoring_elements": "0.93062", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.09965", "scoring_system": "epss", "scoring_elements": "0.93037", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09965", "scoring_system": "epss", "scoring_elements": "0.93039", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09965", "scoring_system": "epss", "scoring_elements": "0.93049", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09965", "scoring_system": "epss", "scoring_elements": "0.93052", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09965", "scoring_system": "epss", "scoring_elements": "0.93059", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.09965", "scoring_system": "epss", "scoring_elements": "0.93066", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.11241", "scoring_system": "epss", "scoring_elements": "0.93493", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11241", "scoring_system": "epss", "scoring_elements": "0.93509", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.11241", "scoring_system": "epss", "scoring_elements": "0.93486", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11241", "scoring_system": "epss", "scoring_elements": "0.93477", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11241", "scoring_system": "epss", "scoring_elements": "0.93501", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11241", "scoring_system": "epss", "scoring_elements": "0.93504", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2089" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089" }, { "reference_url": "http://secunia.com/advisories/40194", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40194" }, { "reference_url": "http://secunia.com/advisories/42888", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42888" }, { "reference_url": "http://secunia.com/advisories/43068", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43068" }, { "reference_url": "http://secunia.com/advisories/50858", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/50858" }, { "reference_url": "http://secunia.com/advisories/51024", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51024" }, { "reference_url": "http://secunia.com/advisories/51040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51040" }, { "reference_url": "http://secunia.com/advisories/51087", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51087" }, { "reference_url": "http://support.apple.com/kb/HT5002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT5002" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0027.html" }, { "reference_url": "http://www.securityfocus.com/bid/40863", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40863" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1596-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1596-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1613-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1613-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1613-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1616-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1616-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1448" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0122", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0122" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0212" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=598197", "reference_id": "598197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=598197" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2089", "reference_id": "CVE-2010-2089", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2089" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/34145.txt", "reference_id": "CVE-2010-2089;OSVDB-65151", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/34145.txt" }, { "reference_url": "https://www.securityfocus.com/bid/40863/info", "reference_id": "CVE-2010-2089;OSVDB-65151", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/40863/info" }, { "reference_url": "https://security.gentoo.org/glsa/201401-04", "reference_id": "GLSA-201401-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0027", "reference_id": "RHSA-2011:0027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0491", "reference_id": "RHSA-2011:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0491" }, { "reference_url": "https://usn.ubuntu.com/1596-1/", "reference_id": "USN-1596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1596-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-1/", "reference_id": "USN-1613-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-2/", "reference_id": "USN-1613-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-2/" }, { "reference_url": "https://usn.ubuntu.com/1616-1/", "reference_id": "USN-1616-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1616-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936925?format=api", "purl": "pkg:deb/debian/python2.7@2.7-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2010-2089" ], "risk_score": 9.0, "exploitability": "2.0", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wa9f-nvnp-euce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34127?format=api", "vulnerability_id": "VCID-wq7w-nrar-ykde", "summary": "A buffer overflow in Python might allow remote attackers to execute\n arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000158.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000158.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000158", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.8779", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.87757", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.87771", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.8777", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.87769", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.87786", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.87792", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.87726", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.87747", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.87753", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.87764", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0359", "scoring_system": "epss", "scoring_elements": "0.87758", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03719", "scoring_system": "epss", "scoring_elements": "0.87933", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03719", "scoring_system": "epss", "scoring_elements": "0.87946", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03719", "scoring_system": "epss", "scoring_elements": "0.87923", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000158" }, { "reference_url": "https://bugs.python.org/issue30657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue30657" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230216-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20230216-0001/" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4307" }, { "reference_url": "http://www.securitytracker.com/id/1039890", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039890" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519595", "reference_id": "1519595", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519595" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000158", "reference_id": "CVE-2017-1000158", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000158" }, { "reference_url": "https://security.gentoo.org/glsa/201805-02", "reference_id": "GLSA-201805-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201805-02" }, { "reference_url": "https://usn.ubuntu.com/3496-1/", "reference_id": "USN-3496-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3496-1/" }, { "reference_url": "https://usn.ubuntu.com/3496-2/", "reference_id": "USN-3496-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3496-2/" }, { "reference_url": "https://usn.ubuntu.com/3496-3/", "reference_id": "USN-3496-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3496-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936940?format=api", "purl": "pkg:deb/debian/python2.7@2.7.13-4?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-4%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2017-1000158" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wq7w-nrar-ykde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59774?format=api", "vulnerability_id": "VCID-wxhp-wayg-qbd1", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00097.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00097.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00024.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0763" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0764" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0981" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9636.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9636.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9636", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08786", "scoring_system": "epss", "scoring_elements": "0.9248", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08786", "scoring_system": "epss", "scoring_elements": "0.92515", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08786", "scoring_system": "epss", "scoring_elements": "0.92486", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08786", "scoring_system": "epss", "scoring_elements": "0.92495", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08786", "scoring_system": "epss", "scoring_elements": "0.92499", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08786", "scoring_system": "epss", "scoring_elements": "0.9251", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08786", "scoring_system": "epss", "scoring_elements": "0.92521", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.11474", "scoring_system": "epss", "scoring_elements": "0.93638", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.11474", "scoring_system": "epss", "scoring_elements": "0.9364", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.11474", "scoring_system": "epss", "scoring_elements": "0.93607", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11474", "scoring_system": "epss", "scoring_elements": "0.93627", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11474", "scoring_system": "epss", "scoring_elements": "0.93633", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.11474", "scoring_system": "epss", "scoring_elements": "0.93642", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.11474", "scoring_system": "epss", "scoring_elements": "0.93639", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.11474", "scoring_system": "epss", "scoring_elements": "0.93606", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9636" }, { "reference_url": "https://bugs.python.org/issue36216", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue36216" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/pull/12201", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/python/cpython/pull/12201" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFBAAGM27H73OLYBUA2IAZFSUN6KGLME/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFBAAGM27H73OLYBUA2IAZFSUN6KGLME/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFAXBEY2TGOBDRKTR556JBXBVFSAKD6I/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFAXBEY2TGOBDRKTR556JBXBVFSAKD6I/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L25RTMKCF62DLC2XVSNXGX7C7HXISLVM/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L25RTMKCF62DLC2XVSNXGX7C7HXISLVM/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/" }, { "reference_url": "https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190517-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190517-0001/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "http://www.securityfocus.com/bid/107400", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107400" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688543", "reference_id": "1688543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688543" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924073", "reference_id": "924073", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924073" }, { "reference_url": "https://security.archlinux.org/ASA-201906-17", "reference_id": "ASA-201906-17", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201906-17" }, { "reference_url": "https://security.archlinux.org/AVG-977", "reference_id": "AVG-977", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-977" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9636", "reference_id": "CVE-2019-9636", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9636" }, { "reference_url": "https://security.gentoo.org/glsa/202003-26", "reference_id": "GLSA-202003-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0710", "reference_id": "RHSA-2019:0710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0765", "reference_id": "RHSA-2019:0765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0806", "reference_id": "RHSA-2019:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0902", "reference_id": "RHSA-2019:0902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0997", "reference_id": "RHSA-2019:0997", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1467", "reference_id": "RHSA-2019:1467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2980", "reference_id": "RHSA-2019:2980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3170", "reference_id": "RHSA-2019:3170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3170" }, { "reference_url": "https://usn.ubuntu.com/4127-1/", "reference_id": "USN-4127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-1/" }, { "reference_url": "https://usn.ubuntu.com/4127-2/", "reference_id": "USN-4127-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936949?format=api", "purl": "pkg:deb/debian/python2.7@2.7.16-2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2019-9636" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wxhp-wayg-qbd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59778?format=api", "vulnerability_id": "VCID-x7h3-nmjt-aud5", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1260", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3335", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3335" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9947.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78546", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78675", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.7862", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78651", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78659", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78553", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78584", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78566", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78592", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78598", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78623", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78605", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78596", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78625", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9947" }, { "reference_url": "https://bugs.python.org/issue35906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.python.org/issue35906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9947" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190404-0004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190404-0004/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/02/04/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2021/02/04/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695572", "reference_id": "1695572", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695572" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9947", "reference_id": "CVE-2019-9947", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9947" }, { "reference_url": "https://security.gentoo.org/glsa/202003-26", "reference_id": "GLSA-202003-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2030", "reference_id": "RHSA-2019:2030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3520", "reference_id": "RHSA-2019:3520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3725", "reference_id": "RHSA-2019:3725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1268", "reference_id": "RHSA-2020:1268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1346", "reference_id": "RHSA-2020:1346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1462", "reference_id": "RHSA-2020:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1462" }, { "reference_url": "https://usn.ubuntu.com/4127-1/", "reference_id": "USN-4127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-1/" }, { "reference_url": "https://usn.ubuntu.com/4127-2/", "reference_id": "USN-4127-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936944?format=api", "purl": "pkg:deb/debian/python2.7@2.7.16-3?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-3%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2019-9947" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x7h3-nmjt-aud5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87440?format=api", "vulnerability_id": "VCID-xdsh-83s2-wyd6", "summary": "urllib2): Improper management of ftp:// and file:// URL schemes (Issue #11662)", "references": [ { "reference_url": "http://bugs.python.org/issue11662", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue11662" }, { "reference_url": "http://hg.python.org/cpython/file/96a6c128822b/Misc/NEWS", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.python.org/cpython/file/96a6c128822b/Misc/NEWS" }, { "reference_url": "http://hg.python.org/cpython/file/b2934d98dac1/Misc/NEWS", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.python.org/cpython/file/b2934d98dac1/Misc/NEWS" }, { "reference_url": "http://hg.python.org/cpython/rev/96a6c128822b/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.python.org/cpython/rev/96a6c128822b/" }, { "reference_url": "http://hg.python.org/cpython/rev/b2934d98dac1/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.python.org/cpython/rev/b2934d98dac1/" }, { "reference_url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/03/24/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/03/24/5" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/03/28/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/03/28/2" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/09/11/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/09/11/1" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/09/13/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/09/13/2" }, { "reference_url": "http://openwall.com/lists/oss-security/2011/09/15/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2011/09/15/5" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1521.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1521.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1521", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80552", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80421", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80427", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80448", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80438", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80467", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80477", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80495", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.8048", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80473", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80502", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80503", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80505", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80531", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01407", "scoring_system": "epss", "scoring_elements": "0.80535", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1521" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521" }, { "reference_url": "http://secunia.com/advisories/50858", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/50858" }, { "reference_url": "http://secunia.com/advisories/51024", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51024" }, { "reference_url": "http://secunia.com/advisories/51040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51040" }, { "reference_url": "http://securitytracker.com/id?1025488", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securitytracker.com/id?1025488" }, { "reference_url": "http://support.apple.com/kb/HT5002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT5002" }, { "reference_url": "https://www.djangoproject.com/weblog/2011/sep/09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2011/sep/09/" }, { "reference_url": "https://www.djangoproject.com/weblog/2011/sep/10/127/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:096", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:096" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1592-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1592-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1596-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1596-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1613-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1613-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1613-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1613-2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=690560", "reference_id": "690560", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=690560" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1521", "reference_id": "CVE-2011-1521", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0491", "reference_id": "RHSA-2011:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0492", "reference_id": "RHSA-2011:0492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0554", "reference_id": "RHSA-2011:0554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0554" }, { "reference_url": "https://usn.ubuntu.com/1314-1/", "reference_id": "USN-1314-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1314-1/" }, { "reference_url": "https://usn.ubuntu.com/1592-1/", "reference_id": "USN-1592-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1592-1/" }, { "reference_url": "https://usn.ubuntu.com/1596-1/", "reference_id": "USN-1596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1596-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-1/", "reference_id": "USN-1613-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-2/", "reference_id": "USN-1613-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936927?format=api", "purl": "pkg:deb/debian/python2.7@2.7.1-7?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.1-7%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2011-1521" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xdsh-83s2-wyd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59772?format=api", "vulnerability_id": "VCID-xv9p-nyha-xygv", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20852.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20852.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83537", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83546", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83558", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83573", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83574", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83598", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83606", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83622", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83616", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83611", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83646", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83647", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83672", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01989", "scoring_system": "epss", "scoring_elements": "0.83679", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20852" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740347", "reference_id": "1740347", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740347" }, { "reference_url": "https://security.gentoo.org/glsa/202003-26", "reference_id": "GLSA-202003-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3725", "reference_id": "RHSA-2019:3725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3948", "reference_id": "RHSA-2019:3948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1131", "reference_id": "RHSA-2020:1131", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1132", "reference_id": "RHSA-2020:1132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1605", "reference_id": "RHSA-2020:1605", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1605" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1764", "reference_id": "RHSA-2020:1764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1764" }, { "reference_url": "https://usn.ubuntu.com/4127-1/", "reference_id": "USN-4127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-1/" }, { "reference_url": "https://usn.ubuntu.com/4127-2/", "reference_id": "USN-4127-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936944?format=api", "purl": "pkg:deb/debian/python2.7@2.7.16-3?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-3%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2018-20852" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xv9p-nyha-xygv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87469?format=api", "vulnerability_id": "VCID-ye66-bk4w-vbbm", "summary": "python: potential XSS in SimpleHTTPServer's list_directory()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4940.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4940.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4940", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50843", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50899", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50925", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50882", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50939", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50937", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50978", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50957", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.5094", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50984", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50965", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50913", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50921", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4940" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=803500", "reference_id": "803500", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=803500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0744", "reference_id": "RHSA-2012:0744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0745", "reference_id": "RHSA-2012:0745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0745" }, { "reference_url": "https://usn.ubuntu.com/1592-1/", "reference_id": "USN-1592-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1592-1/" }, { "reference_url": "https://usn.ubuntu.com/1596-1/", "reference_id": "USN-1596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1596-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-1/", "reference_id": "USN-1613-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-1/" }, { "reference_url": "https://usn.ubuntu.com/1613-2/", "reference_id": "USN-1613-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1613-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936929?format=api", "purl": "pkg:deb/debian/python2.7@2.7.2-8?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.2-8%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2011-4940" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ye66-bk4w-vbbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265016?format=api", "vulnerability_id": "VCID-ymg5-42xm-7fh9", "summary": "The\n “socket” module provides a pure-Python fallback to the \nsocket.socketpair() function for platforms that don’t support AF_UNIX, \nsuch as Windows. This pure-Python implementation uses AF_INET or \nAF_INET6 to create a local connected pair of sockets. The connection \nbetween the two sockets was not verified before passing the two sockets \nback to the user, which leaves the server socket vulnerable to a \nconnection race from a malicious local peer.\n\nPlatforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19444", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1901", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19055", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19066", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19174", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19165", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19156", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19197", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19298", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19293", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19241", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19162", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19393", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20", "reference_id": "06fa244666ec6335a3b9bf2367e31b42b9a89b20", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/06fa244666ec6335a3b9bf2367e31b42b9a89b20" }, { "reference_url": "https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2", "reference_id": "0b65c8bf5367625673eafb92f85046a1b31259f2", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/0b65c8bf5367625673eafb92f85046a1b31259f2" }, { "reference_url": "https://github.com/python/cpython/issues/122133", "reference_id": "122133", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/issues/122133" }, { "reference_url": "https://github.com/python/cpython/pull/122134", "reference_id": "122134", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/pull/122134" }, { "reference_url": "https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c", "reference_id": "220e31adeaaa8436c9ff234cba1398bc49e2bb6c", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/220e31adeaaa8436c9ff234cba1398bc49e2bb6c" }, { "reference_url": "https://github.com/python/cpython/commit/2621a8a40ba4b2c68ca564671b7daa5da80a4508", "reference_id": "2621a8a40ba4b2c68ca564671b7daa5da80a4508", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/2621a8a40ba4b2c68ca564671b7daa5da80a4508" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/29/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/29/3" }, { "reference_url": "https://github.com/python/cpython/commit/31302f5fc24eecd693f0c8aaba7c2840b09b594d", "reference_id": "31302f5fc24eecd693f0c8aaba7c2840b09b594d", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/31302f5fc24eecd693f0c8aaba7c2840b09b594d" }, { "reference_url": "https://github.com/python/cpython/commit/3f5d9d12c74787fbf3f5891835c85cc15526c86d", "reference_id": "3f5d9d12c74787fbf3f5891835c85cc15526c86d", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/3f5d9d12c74787fbf3f5891835c85cc15526c86d" }, { "reference_url": "https://github.com/python/cpython/commit/5df322e91a40909e6904bbdbc0c3a6b6a9eead39", "reference_id": "5df322e91a40909e6904bbdbc0c3a6b6a9eead39", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/5df322e91a40909e6904bbdbc0c3a6b6a9eead39" }, { "reference_url": "https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929", "reference_id": "5f90abaa786f994db3907fc31e2ee00ea2cf0929", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929" }, { "reference_url": "https://github.com/python/cpython/commit/78df1043dbdce5c989600616f9f87b4ee72944e5", "reference_id": "78df1043dbdce5c989600616f9f87b4ee72944e5", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/78df1043dbdce5c989600616f9f87b4ee72944e5" }, { "reference_url": "https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54", "reference_id": "b252317956b7fc035bb3774ef6a177e227f9fc54", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54" }, { "reference_url": "https://github.com/python/cpython/commit/c21a36112a0028d7ac3cf8f480e0dc88dba5922c", "reference_id": "c21a36112a0028d7ac3cf8f480e0dc88dba5922c", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/c21a36112a0028d7ac3cf8f480e0dc88dba5922c" }, { "reference_url": "https://github.com/python/cpython/commit/c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde", "reference_id": "c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/c5655aa6ad120d2ed7f255bebd6e8b71a9c07dde" }, { "reference_url": "https://github.com/python/cpython/commit/e319f774f9e766a2b92949444a2d46081df3363a", "reference_id": "e319f774f9e766a2b92949444a2d46081df3363a", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/e319f774f9e766a2b92949444a2d46081df3363a" }, { "reference_url": "https://github.com/python/cpython/commit/f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660", "reference_id": "f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://github.com/python/cpython/commit/f071f01b7b7e19d7d6b3a4b0ec62f820ecb14660" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B/", "reference_id": "WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-31T18:45:03Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/WYKDQWIERRE2ICIYMSVRZJO33GSCWU2B/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-3219" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ymg5-42xm-7fh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59773?format=api", "vulnerability_id": "VCID-yqm8-fk44-4yhk", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5010.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5010.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5010", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05355", "scoring_system": "epss", "scoring_elements": "0.90108", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.05355", "scoring_system": "epss", "scoring_elements": "0.90077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05355", "scoring_system": "epss", "scoring_elements": "0.90086", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05355", "scoring_system": "epss", "scoring_elements": "0.90084", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05355", "scoring_system": "epss", "scoring_elements": "0.90078", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05355", "scoring_system": "epss", "scoring_elements": "0.90095", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05355", "scoring_system": "epss", "scoring_elements": "0.90093", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05355", "scoring_system": "epss", "scoring_elements": "0.90111", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.05355", "scoring_system": "epss", "scoring_elements": "0.90056", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05355", "scoring_system": "epss", "scoring_elements": "0.90071", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0601", "scoring_system": "epss", "scoring_elements": "0.90664", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0601", "scoring_system": "epss", "scoring_elements": "0.90659", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0601", "scoring_system": "epss", "scoring_elements": "0.90675", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html" }, { "reference_url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0758" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666519", "reference_id": "1666519", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666519" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921040", "reference_id": "921040", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921040" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5010", "reference_id": "CVE-2019-5010", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5010" }, { "reference_url": "https://security.gentoo.org/glsa/202003-26", "reference_id": "GLSA-202003-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2030", "reference_id": "RHSA-2019:2030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3520", "reference_id": "RHSA-2019:3520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3725", "reference_id": "RHSA-2019:3725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3725" }, { "reference_url": "https://usn.ubuntu.com/4127-1/", "reference_id": "USN-4127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-1/" }, { "reference_url": "https://usn.ubuntu.com/4127-2/", "reference_id": "USN-4127-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4127-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936948?format=api", "purl": "pkg:deb/debian/python2.7@2.7.15-6?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.15-6%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2019-5010" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yqm8-fk44-4yhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38889?format=api", "vulnerability_id": "VCID-z48d-eyxz-bycq", "summary": "Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83928", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83916", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83924", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83805", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83845", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83851", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83868", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83862", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83857", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.8389", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83891", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957458", "reference_id": "1957458", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957458" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195", "reference_id": "989195", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195" }, { "reference_url": "https://security.archlinux.org/AVG-1913", "reference_id": "AVG-1913", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4160", "reference_id": "RHSA-2021:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4162", "reference_id": "RHSA-2021:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4162" }, { "reference_url": "https://usn.ubuntu.com/4973-1/", "reference_id": "USN-4973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4973-1/" }, { "reference_url": "https://usn.ubuntu.com/4973-2/", "reference_id": "USN-4973-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4973-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2021-29921" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z48d-eyxz-bycq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34876?format=api", "vulnerability_id": "VCID-z6kh-961g-duck", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which allow remote attackers to cause a Denial of Service condition.", "references": [ { "reference_url": "http://bugs.python.org/issue6706", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue6706" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3492.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78446", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78452", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78483", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78466", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78493", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78498", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01356", "scoring_system": "epss", "scoring_elements": "0.80196", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01356", "scoring_system": "epss", "scoring_elements": "0.8021", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01356", "scoring_system": "epss", "scoring_elements": "0.80136", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01356", "scoring_system": "epss", "scoring_elements": "0.80127", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01356", "scoring_system": "epss", "scoring_elements": "0.80157", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01356", "scoring_system": "epss", "scoring_elements": "0.80158", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01356", "scoring_system": "epss", "scoring_elements": "0.80161", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01356", "scoring_system": "epss", "scoring_elements": "0.80189", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:215", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:215" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:216", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:216" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/09/09/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2010/09/09/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/09/11/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2010/09/11/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/09/22/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2010/09/22/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/09/24/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2010/09/24/3" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=638330", "reference_id": "638330", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638330" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3492", "reference_id": "CVE-2010-3492", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3492" }, { "reference_url": "https://security.gentoo.org/glsa/201401-04", "reference_id": "GLSA-201401-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936926?format=api", "purl": "pkg:deb/debian/python2.7@2.7.8-11?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.8-11%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2010-3492" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6kh-961g-duck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/352122?format=api", "vulnerability_id": "VCID-zxzn-25zt-ukct", "summary": "Mitgation of CVE-2026-4519 was incomplete. If the URL contained \"%action\" the mitigation could be bypassed for certain browser types the \"webbrowser.open()\" API could have commands injected into the underlying shell. See CVE-2026-4519 for details.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4786.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4786.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4786", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0299", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02998", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05385", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05347", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05427", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4786" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4786", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4786" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/148169", "reference_id": "148169", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/issues/148169" }, { "reference_url": "https://github.com/python/cpython/pull/148170", "reference_id": "148170", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/pull/148170" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458049", "reference_id": "2458049", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458049" }, { "reference_url": "https://github.com/python/cpython/commit/28b4ad38067bbdad34edfcd03ad2de5f06387e53", "reference_id": "28b4ad38067bbdad34edfcd03ad2de5f06387e53", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/28b4ad38067bbdad34edfcd03ad2de5f06387e53" }, { "reference_url": "https://github.com/python/cpython/commit/c5767a72838a8dda9d6dc5d3558075b055c56bca", "reference_id": "c5767a72838a8dda9d6dc5d3558075b055c56bca", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/c5767a72838a8dda9d6dc5d3558075b055c56bca" }, { "reference_url": "https://github.com/python/cpython/commit/d22922c8a7958353689dc4763dd72da2dea03fff", "reference_id": "d22922c8a7958353689dc4763dd72da2dea03fff", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/d22922c8a7958353689dc4763dd72da2dea03fff" }, { "reference_url": "https://github.com/python/cpython/commit/d6d68494be70bdbda20f89f83801ba52ec37daa4", "reference_id": "d6d68494be70bdbda20f89f83801ba52ec37daa4", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/d6d68494be70bdbda20f89f83801ba52ec37daa4" }, { "reference_url": "https://github.com/python/cpython/commit/f4654824ae0850ac87227fb270f9057477946769", "reference_id": "f4654824ae0850ac87227fb270f9057477946769", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://github.com/python/cpython/commit/f4654824ae0850ac87227fb270f9057477946769" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/", "reference_id": "JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:43:47Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/JQDUNJVB4AQNTJECSUKOBDU3XCJIPSE5/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10117", "reference_id": "RHSA-2026:10117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10140", "reference_id": "RHSA-2026:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10141", "reference_id": "RHSA-2026:10141", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10711", "reference_id": "RHSA-2026:10711", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10711" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10745", "reference_id": "RHSA-2026:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10774", "reference_id": "RHSA-2026:10774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10949", "reference_id": "RHSA-2026:10949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10950", "reference_id": "RHSA-2026:10950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11062", "reference_id": "RHSA-2026:11062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11077", "reference_id": "RHSA-2026:11077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8822", "reference_id": "RHSA-2026:8822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8824", "reference_id": "RHSA-2026:8824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9228", "reference_id": "RHSA-2026:9228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9228" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" } ], "aliases": [ "CVE-2026-4786" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zxzn-25zt-ukct" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" }