Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/936983?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "type": "deb", "namespace": "debian", "name": "python3.9", "version": "3.9.2-1+deb11u2", "qualifiers": { "distro": "bullseye" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "3.9.2-1+deb11u3", "latest_non_vulnerable_version": "3.9.2-1+deb11u6", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36443?format=api", "vulnerability_id": "VCID-2j3t-a3r6-vfg7", "summary": "Multiple vulnerabilities have been found in Python, the worst of\n which might allow attackers to access sensitive information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23679", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23519", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23957", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2384", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2387", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.24042", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23859", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23913", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23827", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23894", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2394", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935913", "reference_id": "1935913", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935913" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/", "reference_id": "25HVHLBGO2KNPXJ3G426QEYSSCECJDU5", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/" }, { "reference_url": "https://security.archlinux.org/AVG-1675", "reference_id": "AVG-1675", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1675" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/", "reference_id": "BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/", "reference_id": "DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/" }, { "reference_url": "https://security.gentoo.org/glsa/202104-04", "reference_id": "GLSA-202104-04", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://security.gentoo.org/glsa/202104-04" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/", "reference_id": "LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html", "reference_id": "msg00039.html", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/", "reference_id": "N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210629-0003/", "reference_id": "ntap-20210629-0003", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210629-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/", "reference_id": "QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4160", "reference_id": "RHSA-2021:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4162", "reference_id": "RHSA-2021:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4399", "reference_id": "RHSA-2021:4399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4399" }, { "reference_url": "https://usn.ubuntu.com/5342-1/", "reference_id": "USN-5342-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5342-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5342-3/", "reference_id": "USN-USN-5342-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5342-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/", "reference_id": "VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2021-3426" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2j3t-a3r6-vfg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42640?format=api", "vulnerability_id": "VCID-2shb-2cvn-dyd2", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24329.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24329.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24329", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01081", "scoring_system": "epss", "scoring_elements": "0.77879", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01445", "scoring_system": "epss", "scoring_elements": "0.8075", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01445", "scoring_system": "epss", "scoring_elements": "0.8078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01445", "scoring_system": "epss", "scoring_elements": "0.80778", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01445", "scoring_system": "epss", "scoring_elements": "0.80742", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.81602", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.81627", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.816", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.81581", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.81653", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0159", "scoring_system": "epss", "scoring_elements": "0.81633", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24329" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/102153", "reference_id": "102153", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://github.com/python/cpython/issues/102153" }, { "reference_url": "https://www.kb.cert.org/vuls/id/127587", "reference_id": "127587", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://www.kb.cert.org/vuls/id/127587" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173917", "reference_id": "2173917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173917" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/", "reference_id": "6PEVICI7YNGGMSL3UCMWGE66QFLATH72", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/" }, { "reference_url": "https://github.com/python/cpython/pull/99421", "reference_id": "99421", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://github.com/python/cpython/pull/99421" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/", "reference_id": "DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/", "reference_id": "EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/", "reference_id": "F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/", "reference_id": "GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/", "reference_id": "H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/", "reference_id": "JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/", "reference_id": "LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/", "reference_id": "MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230324-0004/", "reference_id": "ntap-20230324-0004", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230324-0004/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/", "reference_id": "O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/", "reference_id": "OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/", "reference_id": "PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/", "reference_id": "PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/" }, { "reference_url": "https://pointernull.com/security/python-url-parse-problem.html", "reference_id": "python-url-parse-problem.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://pointernull.com/security/python-url-parse-problem.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/", "reference_id": "Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/", "reference_id": "QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/", "reference_id": "RA2MBEEES6L46OD64OBSVUUMGKNGMOWW", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3550", "reference_id": "RHSA-2023:3550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3555", "reference_id": "RHSA-2023:3555", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3555" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3556", "reference_id": "RHSA-2023:3556", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3585", "reference_id": "RHSA-2023:3585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3591", "reference_id": "RHSA-2023:3591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3594", "reference_id": "RHSA-2023:3594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3595", "reference_id": "RHSA-2023:3595", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3595" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3776", "reference_id": "RHSA-2023:3776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3777", "reference_id": "RHSA-2023:3777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3780", "reference_id": "RHSA-2023:3780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3781", "reference_id": "RHSA-2023:3781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3796", "reference_id": "RHSA-2023:3796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3810", "reference_id": "RHSA-2023:3810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3811", "reference_id": "RHSA-2023:3811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3931", "reference_id": "RHSA-2023:3931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3932", "reference_id": "RHSA-2023:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3934", "reference_id": "RHSA-2023:3934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3935", "reference_id": "RHSA-2023:3935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3936", "reference_id": "RHSA-2023:3936", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3936" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4004", "reference_id": "RHSA-2023:4004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4008", "reference_id": "RHSA-2023:4008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4032", "reference_id": "RHSA-2023:4032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4038", "reference_id": "RHSA-2023:4038", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4038" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4203", "reference_id": "RHSA-2023:4203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4282", "reference_id": "RHSA-2023:4282", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4282" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6793", "reference_id": "RHSA-2023:6793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6793" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/", "reference_id": "T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/", "reference_id": "TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/", "reference_id": "U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/", "reference_id": "UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/" }, { "reference_url": "https://usn.ubuntu.com/5888-1/", "reference_id": "USN-5888-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5888-1/" }, { "reference_url": "https://usn.ubuntu.com/5960-1/", "reference_id": "USN-5960-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5960-1/" }, { "reference_url": "https://usn.ubuntu.com/6139-1/", "reference_id": "USN-6139-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6139-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/7180-1/", "reference_id": "USN-7180-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7180-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/", "reference_id": "WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-24329" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2shb-2cvn-dyd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75343?format=api", "vulnerability_id": "VCID-2v5u-2z4w-ffgx", "summary": "python: incorrect IPv4 and IPv6 private ranges", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4032.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4032.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4032", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78316", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78243", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78274", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78256", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78282", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78288", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78297", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78292", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78322", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.7832", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4032" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/113171", "reference_id": "113171", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/issues/113171" }, { "reference_url": "https://github.com/python/cpython/pull/113179", "reference_id": "113179", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/pull/113179" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292921", "reference_id": "2292921", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292921" }, { "reference_url": "https://github.com/python/cpython/commit/22adf29da8d99933ffed8647d3e0726edd16f7f8", "reference_id": "22adf29da8d99933ffed8647d3e0726edd16f7f8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/22adf29da8d99933ffed8647d3e0726edd16f7f8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/17/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/06/17/3" }, { "reference_url": "https://github.com/python/cpython/commit/40d75c2b7f5c67e254d0a025e0f2e2c7ada7f69f", "reference_id": "40d75c2b7f5c67e254d0a025e0f2e2c7ada7f69f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/40d75c2b7f5c67e254d0a025e0f2e2c7ada7f69f" }, { "reference_url": "https://github.com/python/cpython/commit/895f7e2ac23eff4743143beef0f0c5ac71ea27d3", "reference_id": "895f7e2ac23eff4743143beef0f0c5ac71ea27d3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/895f7e2ac23eff4743143beef0f0c5ac71ea27d3" }, { "reference_url": "https://github.com/python/cpython/commit/ba431579efdcbaed7a96f2ac4ea0775879a332fb", "reference_id": "ba431579efdcbaed7a96f2ac4ea0775879a332fb", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/ba431579efdcbaed7a96f2ac4ea0775879a332fb" }, { "reference_url": "https://github.com/python/cpython/commit/c62c9e518b784fe44432a3f4fc265fb95b651906", "reference_id": "c62c9e518b784fe44432a3f4fc265fb95b651906", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/c62c9e518b784fe44432a3f4fc265fb95b651906" }, { "reference_url": "https://github.com/python/cpython/commit/f86b17ac511e68192ba71f27e752321a3252cee3", "reference_id": "f86b17ac511e68192ba71f27e752321a3252cee3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://github.com/python/cpython/commit/f86b17ac511e68192ba71f27e752321a3252cee3" }, { "reference_url": "https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml", "reference_id": "iana-ipv4-special-registry.xhtml", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml" }, { "reference_url": "https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml", "reference_id": "iana-ipv6-special-registry.xhtml", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/NRUHDUS2IV2USIZM2CVMSFL6SCKU3RZA/", "reference_id": "NRUHDUS2IV2USIZM2CVMSFL6SCKU3RZA", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/NRUHDUS2IV2USIZM2CVMSFL6SCKU3RZA/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240726-0004/", "reference_id": "ntap-20240726-0004", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:21:11Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240726-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4766", "reference_id": "RHSA-2024:4766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4779", "reference_id": "RHSA-2024:4779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5962", "reference_id": "RHSA-2024:5962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6030", "reference_id": "RHSA-2024:6030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6961", "reference_id": "RHSA-2024:6961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6962", "reference_id": "RHSA-2024:6962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6975", "reference_id": "RHSA-2024:6975", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6975" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7417", "reference_id": "RHSA-2024:7417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9190", "reference_id": "RHSA-2024:9190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9190" }, { "reference_url": "https://usn.ubuntu.com/6928-1/", "reference_id": "USN-6928-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6928-1/" }, { "reference_url": "https://usn.ubuntu.com/6941-1/", "reference_id": "USN-6941-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6941-1/" }, { "reference_url": "https://usn.ubuntu.com/7348-1/", "reference_id": "USN-7348-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7348-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-4032" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2v5u-2z4w-ffgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38870?format=api", "vulnerability_id": "VCID-4gsg-5e6s-63g4", "summary": "Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80333", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.8034", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.8036", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80392", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80407", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80388", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80378", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80349", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80419", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80415", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80414", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80385", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120642", "reference_id": "2120642", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120642" }, { "reference_url": "https://github.com/python/cpython/pull/24848", "reference_id": "24848", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://github.com/python/cpython/pull/24848" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/", "reference_id": "2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/", "reference_id": "5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/", "reference_id": "5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/" }, { "reference_url": "https://github.com/python/cpython/pull/93879", "reference_id": "93879", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://github.com/python/cpython/pull/93879" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/", "reference_id": "DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/", "reference_id": "HPX4XHT2FGVQYLY2STT2MRVENILNZTTU", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/", "reference_id": "I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/", "reference_id": "IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/" }, { "reference_url": "https://bugs.python.org/issue43223", "reference_id": "issue43223", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://bugs.python.org/issue43223" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/", "reference_id": "KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/", "reference_id": "OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/", "reference_id": "QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6766", "reference_id": "RHSA-2022:6766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8353", "reference_id": "RHSA-2022:8353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0833", "reference_id": "RHSA-2023:0833", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2763", "reference_id": "RHSA-2023:2763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2764", "reference_id": "RHSA-2023:2764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2764" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/", "reference_id": "S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/", "reference_id": "TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/" }, { "reference_url": "https://usn.ubuntu.com/5629-1/", "reference_id": "USN-5629-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5629-1/" }, { "reference_url": "https://usn.ubuntu.com/5888-1/", "reference_id": "USN-5888-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5888-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/", "reference_id": "WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/", "reference_id": "X46T4EFTIBXZRYTGASBDEZGYJINH2OWV", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-17T01:59:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2021-28861" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4gsg-5e6s-63g4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42641?format=api", "vulnerability_id": "VCID-4z89-3tfk-pyge", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.6894", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.68929", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.68952", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.68938", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.68909", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.6895", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00581", "scoring_system": "epss", "scoring_elements": "0.6896", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69321", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69371", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69324", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69341", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235789", "reference_id": "2235789", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235789" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231006-0014/", "reference_id": "ntap-20231006-0014", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231006-0014/" }, { "reference_url": "https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/", "reference_id": "PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/" } ], "url": "https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5456", "reference_id": "RHSA-2023:5456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5462", "reference_id": "RHSA-2023:5462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5463", "reference_id": "RHSA-2023:5463", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5472", "reference_id": "RHSA-2023:5472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5528", "reference_id": "RHSA-2023:5528", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5531", "reference_id": "RHSA-2023:5531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5990", "reference_id": "RHSA-2023:5990", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5990" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5991", "reference_id": "RHSA-2023:5991", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5991" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5992", "reference_id": "RHSA-2023:5992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5993", "reference_id": "RHSA-2023:5993", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5993" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5994", "reference_id": "RHSA-2023:5994", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5994" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5995", "reference_id": "RHSA-2023:5995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5996", "reference_id": "RHSA-2023:5996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5997", "reference_id": "RHSA-2023:5997", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5998", "reference_id": "RHSA-2023:5998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6068", "reference_id": "RHSA-2023:6068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6069", "reference_id": "RHSA-2023:6069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6290", "reference_id": "RHSA-2023:6290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6793", "reference_id": "RHSA-2023:6793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6823", "reference_id": "RHSA-2023:6823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6885", "reference_id": "RHSA-2023:6885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6885" }, { "reference_url": "https://www.python.org/dev/security/", "reference_id": "security", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/" } ], "url": "https://www.python.org/dev/security/" }, { "reference_url": "https://usn.ubuntu.com/6513-1/", "reference_id": "USN-6513-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6513-1/" }, { "reference_url": "https://usn.ubuntu.com/6513-2/", "reference_id": "USN-6513-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6513-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/7180-1/", "reference_id": "USN-7180-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7180-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-40217" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4z89-3tfk-pyge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42639?format=api", "vulnerability_id": "VCID-7ka5-7jrn-dber", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6597.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6597.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6597", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23141", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22994", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23185", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22974", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23048", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23101", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23121", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23028", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23041", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23033", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6597" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/02a9259c717738dfe6b463c44d7e17f2b6d2cb3a", "reference_id": "02a9259c717738dfe6b463c44d7e17f2b6d2cb3a", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/02a9259c717738dfe6b463c44d7e17f2b6d2cb3a" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070135", "reference_id": "1070135", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070135" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276518", "reference_id": "2276518", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276518" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/20/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/20/5" }, { "reference_url": "https://github.com/python/cpython/commit/5585334d772b253a01a6730e8202ffb1607c3d25", "reference_id": "5585334d772b253a01a6730e8202ffb1607c3d25", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/5585334d772b253a01a6730e8202ffb1607c3d25" }, { "reference_url": "https://github.com/python/cpython/commit/6ceb8aeda504b079fef7a57b8d81472f15cdd9a5", "reference_id": "6ceb8aeda504b079fef7a57b8d81472f15cdd9a5", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/6ceb8aeda504b079fef7a57b8d81472f15cdd9a5" }, { "reference_url": "https://github.com/python/cpython/commit/81c16cd94ec38d61aa478b9a452436dc3b1b524d", "reference_id": "81c16cd94ec38d61aa478b9a452436dc3b1b524d", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/81c16cd94ec38d61aa478b9a452436dc3b1b524d" }, { "reference_url": "https://github.com/python/cpython/commit/8eaeefe49d179ca4908d052745e3bb8b6f238f82", "reference_id": "8eaeefe49d179ca4908d052745e3bb8b6f238f82", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/8eaeefe49d179ca4908d052745e3bb8b6f238f82" }, { "reference_url": "https://github.com/python/cpython/issues/91133", "reference_id": "91133", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/issues/91133" }, { "reference_url": "https://github.com/python/cpython/commit/d54e22a669ae6e987199bb5d2c69bb5a46b0083b", "reference_id": "d54e22a669ae6e987199bb5d2c69bb5a46b0083b", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://github.com/python/cpython/commit/d54e22a669ae6e987199bb5d2c69bb5a46b0083b" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/Q5C6ATFC67K53XFV4KE45325S7NS62LD/", "reference_id": "Q5C6ATFC67K53XFV4KE45325S7NS62LD", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/Q5C6ATFC67K53XFV4KE45325S7NS62LD/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3347", "reference_id": "RHSA-2024:3347", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3391", "reference_id": "RHSA-2024:3391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3466", "reference_id": "RHSA-2024:3466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4058", "reference_id": "RHSA-2024:4058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4077", "reference_id": "RHSA-2024:4077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4078", "reference_id": "RHSA-2024:4078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4166", "reference_id": "RHSA-2024:4166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4370", "reference_id": "RHSA-2024:4370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4406", "reference_id": "RHSA-2024:4406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4456", "reference_id": "RHSA-2024:4456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4896", "reference_id": "RHSA-2024:4896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5535", "reference_id": "RHSA-2024:5535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5689", "reference_id": "RHSA-2024:5689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0364", "reference_id": "RHSA-2025:0364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0646", "reference_id": "RHSA-2025:0646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0650", "reference_id": "RHSA-2025:0650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0832", "reference_id": "RHSA-2025:0832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1116", "reference_id": "RHSA-2025:1116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1120", "reference_id": "RHSA-2025:1120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2705", "reference_id": "RHSA-2025:2705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2705" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/", "reference_id": "T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/", "reference_id": "U5VHWS52HGD743C47UMCSAK2A773M2YE", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-05T19:08:44Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-6597" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ka5-7jrn-dber" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31508?format=api", "vulnerability_id": "VCID-7s7y-9bw5-m3ep", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6232.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6232.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6232", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03175", "scoring_system": "epss", "scoring_elements": "0.86908", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03175", "scoring_system": "epss", "scoring_elements": "0.86927", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04022", "scoring_system": "epss", "scoring_elements": "0.88478", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04022", "scoring_system": "epss", "scoring_elements": "0.88442", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04022", "scoring_system": "epss", "scoring_elements": "0.88461", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04022", "scoring_system": "epss", "scoring_elements": "0.88467", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04022", "scoring_system": "epss", "scoring_elements": "0.88477", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04022", "scoring_system": "epss", "scoring_elements": "0.8847", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04022", "scoring_system": "epss", "scoring_elements": "0.88469", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04022", "scoring_system": "epss", "scoring_elements": "0.88483", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04022", "scoring_system": "epss", "scoring_elements": "0.8848", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6232" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6232", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6232" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/121285", "reference_id": "121285", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:24:31Z/" } ], "url": "https://github.com/python/cpython/issues/121285" }, { "reference_url": "https://github.com/python/cpython/pull/121286", "reference_id": "121286", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:24:31Z/" } ], "url": "https://github.com/python/cpython/pull/121286" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309426", "reference_id": "2309426", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309426" }, { "reference_url": "https://github.com/python/cpython/commit/34ddb64d088dd7ccc321f6103d23153256caa5d4", "reference_id": "34ddb64d088dd7ccc321f6103d23153256caa5d4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:24:31Z/" } ], "url": "https://github.com/python/cpython/commit/34ddb64d088dd7ccc321f6103d23153256caa5d4" }, { "reference_url": "https://github.com/python/cpython/commit/4eaf4891c12589e3c7bdad5f5b076e4c8392dd06", "reference_id": "4eaf4891c12589e3c7bdad5f5b076e4c8392dd06", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:24:31Z/" } ], "url": "https://github.com/python/cpython/commit/4eaf4891c12589e3c7bdad5f5b076e4c8392dd06" }, { "reference_url": "https://github.com/python/cpython/commit/743acbe872485dc18df4d8ab2dc7895187f062c4", "reference_id": "743acbe872485dc18df4d8ab2dc7895187f062c4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:24:31Z/" } ], "url": "https://github.com/python/cpython/commit/743acbe872485dc18df4d8ab2dc7895187f062c4" }, { "reference_url": "https://github.com/python/cpython/commit/7d1f50cd92ff7e10a1c15a8f591dde8a6843a64d", "reference_id": "7d1f50cd92ff7e10a1c15a8f591dde8a6843a64d", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:24:31Z/" } ], "url": "https://github.com/python/cpython/commit/7d1f50cd92ff7e10a1c15a8f591dde8a6843a64d" }, { "reference_url": "https://github.com/python/cpython/commit/b4225ca91547aa97ed3aca391614afbb255bc877", "reference_id": "b4225ca91547aa97ed3aca391614afbb255bc877", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:24:31Z/" } ], "url": "https://github.com/python/cpython/commit/b4225ca91547aa97ed3aca391614afbb255bc877" }, { "reference_url": "https://github.com/python/cpython/commit/d449caf8a179e3b954268b3a88eb9170be3c8fbf", "reference_id": "d449caf8a179e3b954268b3a88eb9170be3c8fbf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:24:31Z/" } ], "url": "https://github.com/python/cpython/commit/d449caf8a179e3b954268b3a88eb9170be3c8fbf" }, { "reference_url": "https://github.com/python/cpython/commit/ed3a49ea734ada357ff4442996fd4ae71d253373", "reference_id": "ed3a49ea734ada357ff4442996fd4ae71d253373", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:24:31Z/" } ], "url": "https://github.com/python/cpython/commit/ed3a49ea734ada357ff4442996fd4ae71d253373" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY/", "reference_id": "JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-04T15:24:31Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6909", "reference_id": "RHSA-2024:6909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6975", "reference_id": "RHSA-2024:6975", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6975" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7415", "reference_id": "RHSA-2024:7415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7647", "reference_id": "RHSA-2024:7647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8130", "reference_id": "RHSA-2024:8130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8359", "reference_id": "RHSA-2024:8359", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8374", "reference_id": "RHSA-2024:8374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8446", "reference_id": "RHSA-2024:8446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8447", "reference_id": "RHSA-2024:8447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8490", "reference_id": "RHSA-2024:8490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8504", "reference_id": "RHSA-2024:8504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8797", "reference_id": "RHSA-2024:8797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8836", "reference_id": "RHSA-2024:8836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8838", "reference_id": "RHSA-2024:8838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8977", "reference_id": "RHSA-2024:8977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9450", "reference_id": "RHSA-2024:9450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9451", "reference_id": "RHSA-2024:9451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9468", "reference_id": "RHSA-2024:9468", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9468" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1750", "reference_id": "RHSA-2025:1750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1750" }, { "reference_url": "https://usn.ubuntu.com/7015-1/", "reference_id": "USN-7015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-1/" }, { "reference_url": "https://usn.ubuntu.com/7015-2/", "reference_id": "USN-7015-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-2/" }, { "reference_url": "https://usn.ubuntu.com/7015-5/", "reference_id": "USN-7015-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-5/" }, { "reference_url": "https://usn.ubuntu.com/7488-1/", "reference_id": "USN-7488-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7488-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-6232" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7s7y-9bw5-m3ep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31510?format=api", "vulnerability_id": "VCID-9nvp-aus1-9yed", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6923.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6923.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46874", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.4685", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46868", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.4687", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46893", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46866", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46873", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46929", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46924", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55276", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6923" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/06f28dc236708f72871c64d4bc4b4ea144c50147", "reference_id": "06f28dc236708f72871c64d4bc4b4ea144c50147", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/" } ], "url": "https://github.com/python/cpython/commit/06f28dc236708f72871c64d4bc4b4ea144c50147" }, { "reference_url": "https://github.com/python/cpython/commit/097633981879b3c9de9a1dd120d3aa585ecc2384", "reference_id": "097633981879b3c9de9a1dd120d3aa585ecc2384", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/" } ], "url": "https://github.com/python/cpython/commit/097633981879b3c9de9a1dd120d3aa585ecc2384" }, { "reference_url": "https://github.com/python/cpython/issues/121650", "reference_id": "121650", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/" } ], "url": "https://github.com/python/cpython/issues/121650" }, { "reference_url": "https://github.com/python/cpython/pull/122233", "reference_id": "122233", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/" } ], "url": "https://github.com/python/cpython/pull/122233" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302255", "reference_id": "2302255", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302255" }, { "reference_url": "https://github.com/python/cpython/commit/4766d1200fdf8b6728137aa2927a297e224d5fa7", "reference_id": "4766d1200fdf8b6728137aa2927a297e224d5fa7", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/" } ], "url": "https://github.com/python/cpython/commit/4766d1200fdf8b6728137aa2927a297e224d5fa7" }, { "reference_url": "https://github.com/python/cpython/commit/4aaa4259b5a6e664b7316a4d60bdec7ee0f124d0", "reference_id": "4aaa4259b5a6e664b7316a4d60bdec7ee0f124d0", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/" } ], "url": "https://github.com/python/cpython/commit/4aaa4259b5a6e664b7316a4d60bdec7ee0f124d0" }, { "reference_url": "https://github.com/python/cpython/commit/b158a76ce094897c870fb6b3de62887b7ccc33f1", "reference_id": "b158a76ce094897c870fb6b3de62887b7ccc33f1", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/" } ], "url": "https://github.com/python/cpython/commit/b158a76ce094897c870fb6b3de62887b7ccc33f1" }, { "reference_url": "https://github.com/python/cpython/commit/f7be505d137a22528cb0fc004422c0081d5d90e6", "reference_id": "f7be505d137a22528cb0fc004422c0081d5d90e6", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/" } ], "url": "https://github.com/python/cpython/commit/f7be505d137a22528cb0fc004422c0081d5d90e6" }, { "reference_url": "https://github.com/python/cpython/commit/f7c0f09e69e950cf3c5ada9dbde93898eb975533", "reference_id": "f7c0f09e69e950cf3c5ada9dbde93898eb975533", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/" } ], "url": "https://github.com/python/cpython/commit/f7c0f09e69e950cf3c5ada9dbde93898eb975533" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/", "reference_id": "QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-01T18:15:02Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10135", "reference_id": "RHSA-2024:10135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11109", "reference_id": "RHSA-2024:11109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5962", "reference_id": "RHSA-2024:5962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6146", "reference_id": "RHSA-2024:6146", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6146" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6163", "reference_id": "RHSA-2024:6163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6179", "reference_id": "RHSA-2024:6179", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6179" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6909", "reference_id": "RHSA-2024:6909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6915", "reference_id": "RHSA-2024:6915", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6915" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6961", "reference_id": "RHSA-2024:6961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6962", "reference_id": "RHSA-2024:6962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6975", "reference_id": "RHSA-2024:6975", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6975" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7137", "reference_id": "RHSA-2024:7137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7213", "reference_id": "RHSA-2024:7213", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7213" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7374", "reference_id": "RHSA-2024:7374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7415", "reference_id": "RHSA-2024:7415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8103", "reference_id": "RHSA-2024:8103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8103" }, { "reference_url": "https://usn.ubuntu.com/7015-1/", "reference_id": "USN-7015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-1/" }, { "reference_url": "https://usn.ubuntu.com/7015-5/", "reference_id": "USN-7015-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-6923" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9nvp-aus1-9yed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38942?format=api", "vulnerability_id": "VCID-a8mv-mr3q-vygz", "summary": "Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42919.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09956", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10042", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0998", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10002", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10026", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09978", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09902", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10004", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11444", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11443", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1157", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42919" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138705", "reference_id": "2138705", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138705" }, { "reference_url": "https://github.com/python/cpython/issues/97514", "reference_id": "97514", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://github.com/python/cpython/issues/97514" }, { "reference_url": "https://github.com/python/cpython/issues/97514#issuecomment-1310277840", "reference_id": "97514#issuecomment-1310277840", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://github.com/python/cpython/issues/97514#issuecomment-1310277840" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/", "reference_id": "FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKGCQPIVHEAIJ77R3RSNSQWYBUDVWDKU/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221209-0006/", "reference_id": "ntap-20221209-0006", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221209-0006/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/", "reference_id": "P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2LHWWEI5OBQ6RELULMVU6KMDYG4WZXH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/", "reference_id": "PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PI5DYIED6U26BGX5IRZWNCP6TY4M2ZGZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/", "reference_id": "QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/", "reference_id": "R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6KGIRHSENZ4QAB234Z36HVIDTRJ3MFI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/", "reference_id": "RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8492", "reference_id": "RHSA-2022:8492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8493", "reference_id": "RHSA-2022:8493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8493" }, { "reference_url": "https://usn.ubuntu.com/5713-1/", "reference_id": "USN-5713-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5713-1/" }, { "reference_url": "https://usn.ubuntu.com/5888-1/", "reference_id": "USN-5888-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5888-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://github.com/python/cpython/compare/v3.10.8...v3.10.9", "reference_id": "v3.10.8...v3.10.9", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://github.com/python/cpython/compare/v3.10.8...v3.10.9" }, { "reference_url": "https://github.com/python/cpython/compare/v3.9.15...v3.9.16", "reference_id": "v3.9.15...v3.9.16", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://github.com/python/cpython/compare/v3.9.15...v3.9.16" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/", "reference_id": "VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCRKBB5Y5EWTJUNC7LK665WO64DDXSTN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/", "reference_id": "XX6LLAXGZVZ327REY6MDZRMMP47LJ53P", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-02T18:38:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XX6LLAXGZVZ327REY6MDZRMMP47LJ53P/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2022-42919" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a8mv-mr3q-vygz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38829?format=api", "vulnerability_id": "VCID-bqp2-x383-xqfh", "summary": "Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-20107.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-20107.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-20107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75672", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75675", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75706", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75685", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75719", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.7573", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75754", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75735", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75729", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75767", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.7577", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75755", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-20107" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075390", "reference_id": "2075390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075390" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6457", "reference_id": "RHSA-2022:6457", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6457" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6766", "reference_id": "RHSA-2022:6766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7581", "reference_id": "RHSA-2022:7581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7581" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7592", "reference_id": "RHSA-2022:7592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7593", "reference_id": "RHSA-2022:7593", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7593" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8353", "reference_id": "RHSA-2022:8353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8353" }, { "reference_url": "https://usn.ubuntu.com/5519-1/", "reference_id": "USN-5519-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5519-1/" }, { "reference_url": "https://usn.ubuntu.com/5888-1/", "reference_id": "USN-5888-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5888-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2015-20107" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bqp2-x383-xqfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80106?format=api", "vulnerability_id": "VCID-ct6h-d1eh-7bgj", "summary": "python: urllib: Regular expression DoS in AbstractBasicAuthHandler", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3733.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3733.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3733", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00666", "scoring_system": "epss", "scoring_elements": "0.71189", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00666", "scoring_system": "epss", "scoring_elements": "0.71198", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00666", "scoring_system": "epss", "scoring_elements": "0.71216", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73361", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73341", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73333", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73376", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73383", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73377", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73288", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73337", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3733" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995234", "reference_id": "1995234", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4057", "reference_id": "RHSA-2021:4057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4160", "reference_id": "RHSA-2021:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1663", "reference_id": "RHSA-2022:1663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1764", "reference_id": "RHSA-2022:1764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1764" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1821", "reference_id": "RHSA-2022:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1821" }, { "reference_url": "https://usn.ubuntu.com/5083-1/", "reference_id": "USN-5083-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5083-1/" }, { "reference_url": "https://usn.ubuntu.com/5199-1/", "reference_id": "USN-5199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5199-1/" }, { "reference_url": "https://usn.ubuntu.com/5200-1/", "reference_id": "USN-5200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5200-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2021-3733" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ct6h-d1eh-7bgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78472?format=api", "vulnerability_id": "VCID-dexx-3ssz-nqfg", "summary": "python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27043.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27043.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27043", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39102", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39064", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39089", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38839", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39069", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39099", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39044", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39103", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39021", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27043" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27043" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/102988", "reference_id": "102988", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://github.com/python/cpython/issues/102988" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059298", "reference_id": "1059298", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059298" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072179", "reference_id": "1072179", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072179" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196183", "reference_id": "2196183", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196183" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/", "reference_id": "4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/", "reference_id": "75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/", "reference_id": "ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/", "reference_id": "BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/" }, { "reference_url": "https://python-security.readthedocs.io/vuln/email-parseaddr-realname.html", "reference_id": "email-parseaddr-realname.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://python-security.readthedocs.io/vuln/email-parseaddr-realname.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/", "reference_id": "HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/", "reference_id": "N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/", "reference_id": "NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230601-0003/", "reference_id": "ntap-20230601-0003", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230601-0003/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/", "reference_id": "ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/", "reference_id": "P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/", "reference_id": "P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/", "reference_id": "PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/", "reference_id": "PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/" }, { "reference_url": "http://python.org", "reference_id": "python.org", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "http://python.org" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/", "reference_id": "QDRDDPDN3VFIYXJIYEABY6USX5EU66AG", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/", "reference_id": "RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0256", "reference_id": "RHSA-2024:0256", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0256" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0430", "reference_id": "RHSA-2024:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0454", "reference_id": "RHSA-2024:0454", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0454" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0466", "reference_id": "RHSA-2024:0466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0586", "reference_id": "RHSA-2024:0586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2292", "reference_id": "RHSA-2024:2292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2985", "reference_id": "RHSA-2024:2985", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2985" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3062", "reference_id": "RHSA-2024:3062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3062" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/", "reference_id": "SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOX7BCN6YL7B3RFPEEXPIU5CMTEHJOKR/", "reference_id": "SOX7BCN6YL7B3RFPEEXPIU5CMTEHJOKR", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOX7BCN6YL7B3RFPEEXPIU5CMTEHJOKR/" }, { "reference_url": "https://usn.ubuntu.com/7015-1/", "reference_id": "USN-7015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-1/" }, { "reference_url": "https://usn.ubuntu.com/7015-3/", "reference_id": "USN-7015-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-3/" }, { "reference_url": "https://usn.ubuntu.com/7015-4/", "reference_id": "USN-7015-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-4/" }, { "reference_url": "https://usn.ubuntu.com/7015-7/", "reference_id": "USN-7015-7", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/", "reference_id": "VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/", "reference_id": "XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/", "reference_id": "YQVY5C5REXWJIORJIL2FIL3ALOEJEF72", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:27:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2023-27043" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dexx-3ssz-nqfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31513?format=api", "vulnerability_id": "VCID-dnv8-yrd6-c7cv", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8088.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8088.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8088", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45924", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4593", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45876", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45869", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.459", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45877", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45853", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45825", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45875", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8088" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8088" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1", "reference_id": "0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/0aa1ee22ab6e204e9d3d0e9dd63ea648ed691ef1" }, { "reference_url": "https://github.com/python/cpython/issues/122905", "reference_id": "122905", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/issues/122905" }, { "reference_url": "https://github.com/python/cpython/pull/122906", "reference_id": "122906", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/pull/122906" }, { "reference_url": "https://github.com/python/cpython/issues/123270", "reference_id": "123270", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/issues/123270" }, { "reference_url": "https://github.com/python/cpython/commit/2231286d78d328c2f575e0b05b16fe447d1656d6", "reference_id": "2231286d78d328c2f575e0b05b16fe447d1656d6", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/2231286d78d328c2f575e0b05b16fe447d1656d6" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307370", "reference_id": "2307370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307370" }, { "reference_url": "https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e", "reference_id": "795f2597a4be988e2bb19b69ff9958e981cb894e", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/795f2597a4be988e2bb19b69ff9958e981cb894e" }, { "reference_url": "https://github.com/python/cpython/commit/7bc367e464ce50b956dd232c1dfa1cad4e7fb814", "reference_id": "7bc367e464ce50b956dd232c1dfa1cad4e7fb814", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/7bc367e464ce50b956dd232c1dfa1cad4e7fb814" }, { "reference_url": "https://github.com/python/cpython/commit/7e8883a3f04d308302361aeffc73e0e9837f19d4", "reference_id": "7e8883a3f04d308302361aeffc73e0e9837f19d4", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/7e8883a3f04d308302361aeffc73e0e9837f19d4" }, { "reference_url": "https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64", "reference_id": "8c7348939d8a3ecd79d630075f6be1b0c5b41f64", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/8c7348939d8a3ecd79d630075f6be1b0c5b41f64" }, { "reference_url": "https://github.com/python/cpython/commit/95b073bddefa6243effa08e131e297c0383e7f6a", "reference_id": "95b073bddefa6243effa08e131e297c0383e7f6a", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/95b073bddefa6243effa08e131e297c0383e7f6a" }, { "reference_url": "https://github.com/python/cpython/commit/962055268ed4f2ca1d717bfc8b6385de50a23ab7", "reference_id": "962055268ed4f2ca1d717bfc8b6385de50a23ab7", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/962055268ed4f2ca1d717bfc8b6385de50a23ab7" }, { "reference_url": "https://github.com/python/cpython/commit/9cd03263100ddb1657826cc4a71470786cab3932", "reference_id": "9cd03263100ddb1657826cc4a71470786cab3932", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/9cd03263100ddb1657826cc4a71470786cab3932" }, { "reference_url": "https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea", "reference_id": "dcc5182f27c1500006a1ef78e10613bb45788dea", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/dcc5182f27c1500006a1ef78e10613bb45788dea" }, { "reference_url": "https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db", "reference_id": "e0264a61119d551658d9445af38323ba94fc16db", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/e0264a61119d551658d9445af38323ba94fc16db" }, { "reference_url": "https://github.com/python/cpython/commit/fc0b8259e693caa8400fa8b6ac1e494e47ea7798", "reference_id": "fc0b8259e693caa8400fa8b6ac1e494e47ea7798", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://github.com/python/cpython/commit/fc0b8259e693caa8400fa8b6ac1e494e47ea7798" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU/", "reference_id": "GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/RE:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-23T17:18:49Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5962", "reference_id": "RHSA-2024:5962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6163", "reference_id": "RHSA-2024:6163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6961", "reference_id": "RHSA-2024:6961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6962", "reference_id": "RHSA-2024:6962", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9190", "reference_id": "RHSA-2024:9190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9192", "reference_id": "RHSA-2024:9192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9371", "reference_id": "RHSA-2024:9371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9371" }, { "reference_url": "https://usn.ubuntu.com/7015-1/", "reference_id": "USN-7015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-8088" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnv8-yrd6-c7cv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80107?format=api", "vulnerability_id": "VCID-e6rs-jwvu-jycd", "summary": "python: urllib: HTTP client possible infinite loop on a 100 Continue response", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3737.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3737.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30825", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30876", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30954", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30749", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30832", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30852", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30821", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30866", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.31001", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30818", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30906", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995162", "reference_id": "1995162", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:32:43Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995162" }, { "reference_url": "https://github.com/python/cpython/pull/25916", "reference_id": "25916", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:32:43Z/" } ], "url": "https://github.com/python/cpython/pull/25916" }, { "reference_url": "https://github.com/python/cpython/pull/26503", "reference_id": "26503", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:32:43Z/" } ], "url": "https://github.com/python/cpython/pull/26503" }, { "reference_url": "https://ubuntu.com/security/CVE-2021-3737", "reference_id": "CVE-2021-3737", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:32:43Z/" } ], "url": "https://ubuntu.com/security/CVE-2021-3737" }, { "reference_url": "https://bugs.python.org/issue44022", "reference_id": "issue44022", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:32:43Z/" } ], "url": "https://bugs.python.org/issue44022" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:32:43Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html", "reference_id": "msg00039.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:32:43Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220407-0009/", "reference_id": "ntap-20220407-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:32:43Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220407-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4160", "reference_id": "RHSA-2021:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1663", "reference_id": "RHSA-2022:1663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1764", "reference_id": "RHSA-2022:1764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1764" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1821", "reference_id": "RHSA-2022:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1986", "reference_id": "RHSA-2022:1986", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1986" }, { "reference_url": "https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html", "reference_id": "urllib-100-continue-loop.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:32:43Z/" } ], "url": "https://python-security.readthedocs.io/vuln/urllib-100-continue-loop.html" }, { "reference_url": "https://usn.ubuntu.com/5083-1/", "reference_id": "USN-5083-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5083-1/" }, { "reference_url": "https://usn.ubuntu.com/5199-1/", "reference_id": "USN-5199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5199-1/" }, { "reference_url": "https://usn.ubuntu.com/5200-1/", "reference_id": "USN-5200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5200-1/" }, { "reference_url": "https://usn.ubuntu.com/5201-1/", "reference_id": "USN-5201-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5201-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2021-3737" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6rs-jwvu-jycd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79075?format=api", "vulnerability_id": "VCID-h7z2-vc14-nfhq", "summary": "python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10735.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10735.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10735", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59716", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59726", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.5971", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59691", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59724", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59731", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59693", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59707", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60314", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60339", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60307", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60237", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834423", "reference_id": "1834423", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6766", "reference_id": "RHSA-2022:6766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7323", "reference_id": "RHSA-2022:7323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0833", "reference_id": "RHSA-2023:0833", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2763", "reference_id": "RHSA-2023:2763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2764", "reference_id": "RHSA-2023:2764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2764" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0430", "reference_id": "RHSA-2024:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0430" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2020-10735" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h7z2-vc14-nfhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79859?format=api", "vulnerability_id": "VCID-j8hj-k7wy-yfch", "summary": "python: ftplib should not use the host from the PASV response", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4189.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4189.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4189", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.77637", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.77547", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.77554", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.7758", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.7756", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.7759", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.77597", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.77624", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.77608", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.77607", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.77644", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01057", "scoring_system": "epss", "scoring_elements": "0.77642", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e", "reference_id": "0ab152c6b5d95caa2dc1a30fa96e10258b5f188e", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/" } ], "url": "https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036020", "reference_id": "2036020", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036020" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2021-4189", "reference_id": "CVE-2021-4189", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2021-4189" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2021-4189", "reference_id": "CVE-2021-4189", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2021-4189" }, { "reference_url": "https://python-security.readthedocs.io/vuln/ftplib-pasv.html", "reference_id": "ftplib-pasv.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/" } ], "url": "https://python-security.readthedocs.io/vuln/ftplib-pasv.html" }, { "reference_url": "https://bugs.python.org/issue43285", "reference_id": "issue43285", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/" } ], "url": "https://bugs.python.org/issue43285" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html", "reference_id": "msg00039.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221104-0004/", "reference_id": "ntap-20221104-0004", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221104-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1663", "reference_id": "RHSA-2022:1663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1821", "reference_id": "RHSA-2022:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1986", "reference_id": "RHSA-2022:1986", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1986" }, { "reference_url": "https://usn.ubuntu.com/5342-1/", "reference_id": "USN-5342-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5342-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5342-2/", "reference_id": "USN-USN-5342-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5342-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2021-4189" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j8hj-k7wy-yfch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42644?format=api", "vulnerability_id": "VCID-js5p-py72-2kga", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0450.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35429", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35411", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35409", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35384", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35338", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35454", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35328", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.3538", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35392", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35352", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35374", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0450" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070133", "reference_id": "1070133", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070133" }, { "reference_url": "https://github.com/python/cpython/issues/109858", "reference_id": "109858", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/issues/109858" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276525", "reference_id": "2276525", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276525" }, { "reference_url": "https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85", "reference_id": "30fe5d853b56138dbec62432d370a1f99409fc85", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/20/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/20/5" }, { "reference_url": "https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba", "reference_id": "66363b9a7b9fe7c99eba3a185b74c5fdbf842eba", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba" }, { "reference_url": "https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675", "reference_id": "70497218351ba44bffc8b571201ecb5652d84675", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675" }, { "reference_url": "https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51", "reference_id": "a2c59992e9e8d35baba9695eb186ad6c6ff85c51", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51" }, { "reference_url": "https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549", "reference_id": "a956e510f6336d5ae111ba429a61c3ade30a7549", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549" }, { "reference_url": "https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183", "reference_id": "d05bac0b74153beb541b88b4fca33bf053990183", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183" }, { "reference_url": "https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b", "reference_id": "fa181fcf2156f703347b03a3b1966ce47be8ab3b", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3347", "reference_id": "RHSA-2024:3347", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3391", "reference_id": "RHSA-2024:3391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3466", "reference_id": "RHSA-2024:3466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4058", "reference_id": "RHSA-2024:4058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4078", "reference_id": "RHSA-2024:4078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4243", "reference_id": "RHSA-2024:4243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4406", "reference_id": "RHSA-2024:4406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9190", "reference_id": "RHSA-2024:9190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9192", "reference_id": "RHSA-2024:9192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9192" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/", "reference_id": "T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/", "reference_id": "U5VHWS52HGD743C47UMCSAK2A773M2YE", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/7212-1/", "reference_id": "USN-7212-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7212-1/" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/", "reference_id": "XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/" }, { "reference_url": "https://www.bamsoftware.com/hacks/zipbomb/", "reference_id": "zipbomb", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://www.bamsoftware.com/hacks/zipbomb/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-0450" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-js5p-py72-2kga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38959?format=api", "vulnerability_id": "VCID-qqh6-evfk-1fgy", "summary": "Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45061.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45061.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45061", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29338", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29264", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.292", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29236", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29209", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29262", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29308", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29304", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29387", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31524", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31557", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144072", "reference_id": "2144072", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144072" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/", "reference_id": "2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/", "reference_id": "35YDIWCUMWTMDBWFRAVENFH6BLB65D6S", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/", "reference_id": "4WBZJNSALFGMPYTINIF57HAAK46U72WQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/", "reference_id": "63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/", "reference_id": "7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/" }, { "reference_url": "https://github.com/python/cpython/issues/98433", "reference_id": "98433", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://github.com/python/cpython/issues/98433" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/", "reference_id": "B3YI6JYARWU6GULWOHNUROSACT54XFFS", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/", "reference_id": "B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4MYQ3IV6NWA4CKSXEHW45CH2YNDHEPH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/", "reference_id": "BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BWJREJHWVRBYDP43YB5WRL3QC7UBA7BR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/", "reference_id": "GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/", "reference_id": "IN26PWZTYG6IF3APLRXQJBVACQHZUPT2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/", "reference_id": "JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/", "reference_id": "JTYVESWVBPD57ZJC35G5722Q6TS37WSB", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/", "reference_id": "KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/", "reference_id": "LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html", "reference_id": "msg00039.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221209-0007/", "reference_id": "ntap-20221209-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221209-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/", "reference_id": "O67LRHDTJWH544KXB6KY4HMHQLYDXFPK", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/", "reference_id": "ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/", "reference_id": "PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/", "reference_id": "QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCKD4AFBHXIMHS64ZER2U7QRT33HNE7L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/", "reference_id": "QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/", "reference_id": "RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/", "reference_id": "RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0833", "reference_id": "RHSA-2023:0833", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0953", "reference_id": "RHSA-2023:0953", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0953" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2763", "reference_id": "RHSA-2023:2763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2764", "reference_id": "RHSA-2023:2764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2764" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2860", "reference_id": "RHSA-2023:2860", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2860" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6793", "reference_id": "RHSA-2023:6793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0430", "reference_id": "RHSA-2024:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0430" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/", "reference_id": "RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/", "reference_id": "T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/", "reference_id": "UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/" }, { "reference_url": "https://usn.ubuntu.com/5767-1/", "reference_id": "USN-5767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5767-1/" }, { "reference_url": "https://usn.ubuntu.com/5767-2/", "reference_id": "USN-5767-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5767-2/" }, { "reference_url": "https://usn.ubuntu.com/5888-1/", "reference_id": "USN-5888-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5888-1/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/7212-1/", "reference_id": "USN-7212-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7212-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/", "reference_id": "VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/", "reference_id": "X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/", "reference_id": "XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/", "reference_id": "YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/", "reference_id": "ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T14:24:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2022-45061" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qqh6-evfk-1fgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75344?format=api", "vulnerability_id": "VCID-qwhz-912b-8kh5", "summary": "cpython: python: Memory race condition in ssl.SSLContext certificate store methods", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0397.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0397.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59633", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59658", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59679", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59692", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59712", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59695", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59677", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.5971", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59717", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0397" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/01c37f1d0714f5822d34063ca7180b595abf589d", "reference_id": "01c37f1d0714f5822d34063ca7180b595abf589d", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/01c37f1d0714f5822d34063ca7180b595abf589d" }, { "reference_url": "https://github.com/python/cpython/issues/114572", "reference_id": "114572", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/issues/114572" }, { "reference_url": "https://github.com/python/cpython/pull/114573", "reference_id": "114573", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/pull/114573" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/17/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/06/17/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301891", "reference_id": "2301891", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301891" }, { "reference_url": "https://github.com/python/cpython/commit/29c97287d205bf2f410f4895ebce3f43b5160524", "reference_id": "29c97287d205bf2f410f4895ebce3f43b5160524", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/29c97287d205bf2f410f4895ebce3f43b5160524" }, { "reference_url": "https://github.com/python/cpython/commit/37324b421b72b7bc9934e27aba85d48d4773002e", "reference_id": "37324b421b72b7bc9934e27aba85d48d4773002e", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/37324b421b72b7bc9934e27aba85d48d4773002e" }, { "reference_url": "https://github.com/python/cpython/commit/542f3272f56f31ed04e74c40635a913fbc12d286", "reference_id": "542f3272f56f31ed04e74c40635a913fbc12d286", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/542f3272f56f31ed04e74c40635a913fbc12d286" }, { "reference_url": "https://github.com/python/cpython/commit/b228655c227b2ca298a8ffac44d14ce3d22f6faa", "reference_id": "b228655c227b2ca298a8ffac44d14ce3d22f6faa", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/b228655c227b2ca298a8ffac44d14ce3d22f6faa" }, { "reference_url": "https://github.com/python/cpython/commit/bce693111bff906ccf9281c22371331aaff766ab", "reference_id": "bce693111bff906ccf9281c22371331aaff766ab", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/bce693111bff906ccf9281c22371331aaff766ab" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/", "reference_id": "BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10983", "reference_id": "RHSA-2024:10983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9190", "reference_id": "RHSA-2024:9190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9192", "reference_id": "RHSA-2024:9192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9192" }, { "reference_url": "https://usn.ubuntu.com/6928-1/", "reference_id": "USN-6928-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6928-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-0397" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwhz-912b-8kh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72803?format=api", "vulnerability_id": "VCID-smck-sdx2-c7du", "summary": "python: Improper validation of IPv6 and IPvFuture addresses", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11168.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11168.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64815", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64801", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64751", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.66749", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.6672", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00517", "scoring_system": "epss", "scoring_elements": "0.66762", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00552", "scoring_system": "epss", "scoring_elements": "0.68006", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00552", "scoring_system": "epss", "scoring_elements": "0.67987", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69534", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69544", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69553", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11168" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/103848", "reference_id": "103848", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/AU:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-13T15:09:42Z/" } ], "url": "https://github.com/python/cpython/issues/103848" }, { "reference_url": "https://github.com/python/cpython/pull/103849", "reference_id": "103849", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/AU:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-13T15:09:42Z/" } ], "url": "https://github.com/python/cpython/pull/103849" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325776", "reference_id": "2325776", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325776" }, { "reference_url": "https://github.com/python/cpython/commit/29f348e232e82938ba2165843c448c2b291504c5", "reference_id": "29f348e232e82938ba2165843c448c2b291504c5", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/AU:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-13T15:09:42Z/" } ], "url": "https://github.com/python/cpython/commit/29f348e232e82938ba2165843c448c2b291504c5" }, { "reference_url": "https://github.com/python/cpython/commit/634ded45545ce8cbd6fd5d49785613dd7fa9b89e", "reference_id": "634ded45545ce8cbd6fd5d49785613dd7fa9b89e", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/AU:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-13T15:09:42Z/" } ], "url": "https://github.com/python/cpython/commit/634ded45545ce8cbd6fd5d49785613dd7fa9b89e" }, { "reference_url": "https://github.com/python/cpython/commit/b2171a2fd41416cf68afd67460578631d755a550", "reference_id": "b2171a2fd41416cf68afd67460578631d755a550", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/AU:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-13T15:09:42Z/" } ], "url": "https://github.com/python/cpython/commit/b2171a2fd41416cf68afd67460578631d755a550" }, { "reference_url": "https://github.com/python/cpython/commit/ddca2953191c67a12b1f19d6bca41016c6ae7132", "reference_id": "ddca2953191c67a12b1f19d6bca41016c6ae7132", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/AU:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-13T15:09:42Z/" } ], "url": "https://github.com/python/cpython/commit/ddca2953191c67a12b1f19d6bca41016c6ae7132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10779", "reference_id": "RHSA-2024:10779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10983", "reference_id": "RHSA-2024:10983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://usn.ubuntu.com/7218-1/", "reference_id": "USN-7218-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7218-1/" }, { "reference_url": "https://usn.ubuntu.com/7280-3/", "reference_id": "USN-7280-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7280-3/" }, { "reference_url": "https://usn.ubuntu.com/7348-1/", "reference_id": "USN-7348-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7348-1/" }, { "reference_url": "https://usn.ubuntu.com/7488-1/", "reference_id": "USN-7488-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7488-1/" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T/", "reference_id": "XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/AU:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-13T15:09:42Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/XPWB6XVZ5G5KGEI63M4AWLIEUF5BPH4T/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-11168" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-smck-sdx2-c7du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73076?format=api", "vulnerability_id": "VCID-tbuw-2msj-tqd9", "summary": "python: Virtual environment (venv) activation scripts don't quote paths", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9287.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9287.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9287", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19545", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19591", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19864", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19835", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19915", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19969", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19987", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19944", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19885", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19862", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19866", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9287" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089117", "reference_id": "1089117", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089117" }, { "reference_url": "https://github.com/python/cpython/issues/124651", "reference_id": "124651", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/issues/124651" }, { "reference_url": "https://github.com/python/cpython/pull/124712", "reference_id": "124712", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/pull/124712" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2321440", "reference_id": "2321440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2321440" }, { "reference_url": "https://github.com/python/cpython/commit/633555735a023d3e4d92ba31da35b1205f9ecbd7", "reference_id": "633555735a023d3e4d92ba31da35b1205f9ecbd7", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/633555735a023d3e4d92ba31da35b1205f9ecbd7" }, { "reference_url": "https://github.com/python/cpython/commit/8450b2482586857d689b6658f08de9c8179af7db", "reference_id": "8450b2482586857d689b6658f08de9c8179af7db", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/8450b2482586857d689b6658f08de9c8179af7db" }, { "reference_url": "https://github.com/python/cpython/commit/9286ab3a107ea41bd3f3c3682ce2512692bdded8", "reference_id": "9286ab3a107ea41bd3f3c3682ce2512692bdded8", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/9286ab3a107ea41bd3f3c3682ce2512692bdded8" }, { "reference_url": "https://github.com/python/cpython/commit/ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97", "reference_id": "ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97" }, { "reference_url": "https://github.com/python/cpython/commit/d48cc82ed25e26b02eb97c6263d95dcaa1e9111b", "reference_id": "d48cc82ed25e26b02eb97c6263d95dcaa1e9111b", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/d48cc82ed25e26b02eb97c6263d95dcaa1e9111b" }, { "reference_url": "https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483", "reference_id": "e52095a0c1005a87eed2276af7a1f2f66e2b6483", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10779", "reference_id": "RHSA-2024:10779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10978", "reference_id": "RHSA-2024:10978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10979", "reference_id": "RHSA-2024:10979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10980", "reference_id": "RHSA-2024:10980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10983", "reference_id": "RHSA-2024:10983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11024", "reference_id": "RHSA-2024:11024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11035", "reference_id": "RHSA-2024:11035", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11111", "reference_id": "RHSA-2024:11111", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11111" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0280", "reference_id": "RHSA-2025:0280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23530", "reference_id": "RHSA-2025:23530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23530" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/", "reference_id": "RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T17:11:46Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/" }, { "reference_url": "https://usn.ubuntu.com/7116-1/", "reference_id": "USN-7116-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7116-1/" }, { "reference_url": "https://usn.ubuntu.com/7348-1/", "reference_id": "USN-7348-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7348-1/" }, { "reference_url": "https://usn.ubuntu.com/7488-1/", "reference_id": "USN-7488-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7488-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-9287" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbuw-2msj-tqd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31511?format=api", "vulnerability_id": "VCID-v186-7sv1-ubej", "summary": "Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7592.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7592.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7592", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73941", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00796", "scoring_system": "epss", "scoring_elements": "0.73966", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01018", "scoring_system": "epss", "scoring_elements": "0.77224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01018", "scoring_system": "epss", "scoring_elements": "0.77147", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01018", "scoring_system": "epss", "scoring_elements": "0.77179", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01018", "scoring_system": "epss", "scoring_elements": "0.77188", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01018", "scoring_system": "epss", "scoring_elements": "0.77215", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01018", "scoring_system": "epss", "scoring_elements": "0.77195", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01018", "scoring_system": "epss", "scoring_elements": "0.77191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01018", "scoring_system": "epss", "scoring_elements": "0.77231", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01018", "scoring_system": "epss", "scoring_elements": "0.77233", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7592" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7592" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/issues/123067", "reference_id": "123067", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/" } ], "url": "https://github.com/python/cpython/issues/123067" }, { "reference_url": "https://github.com/python/cpython/pull/123075", "reference_id": "123075", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/" } ], "url": "https://github.com/python/cpython/pull/123075" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305879", "reference_id": "2305879", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305879" }, { "reference_url": "https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621", "reference_id": "391e5626e3ee5af267b97e37abc7475732e67621", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/" } ], "url": "https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621" }, { "reference_url": "https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef", "reference_id": "44e458357fca05ca0ae2658d62c8c595b048b5ef", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/" } ], "url": "https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef" }, { "reference_url": "https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06", "reference_id": "a77ab24427a18bff817025adb03ca920dc3f1a06", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/" } ], "url": "https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06" }, { "reference_url": "https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a", "reference_id": "b2f11ca7667e4d57c71c1c88b255115f16042d9a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/" } ], "url": "https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a" }, { "reference_url": "https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f", "reference_id": "d4ac921a4b081f7f996a5d2b101684b67ba0ed7f", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/" } ], "url": "https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f" }, { "reference_url": "https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774", "reference_id": "d662e2db2605515a767f88ad48096b8ac623c774", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/" } ], "url": "https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774" }, { "reference_url": "https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1", "reference_id": "dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/" } ], "url": "https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1" }, { "reference_url": "https://security.gentoo.org/glsa/202506-07", "reference_id": "GLSA-202506-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-07" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/", "reference_id": "HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-03T17:21:02Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10983", "reference_id": "RHSA-2024:10983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3631", "reference_id": "RHSA-2025:3631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3634", "reference_id": "RHSA-2025:3634", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3634" }, { "reference_url": "https://usn.ubuntu.com/7015-1/", "reference_id": "USN-7015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-1/" }, { "reference_url": "https://usn.ubuntu.com/7015-2/", "reference_id": "USN-7015-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7015-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2024-7592" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v186-7sv1-ubej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38889?format=api", "vulnerability_id": "VCID-z48d-eyxz-bycq", "summary": "Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83891", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83857", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.8389", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83805", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83845", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83851", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83868", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02048", "scoring_system": "epss", "scoring_elements": "0.83862", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957458", "reference_id": "1957458", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957458" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195", "reference_id": "989195", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195" }, { "reference_url": "https://security.archlinux.org/AVG-1913", "reference_id": "AVG-1913", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4160", "reference_id": "RHSA-2021:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4162", "reference_id": "RHSA-2021:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4162" }, { "reference_url": "https://usn.ubuntu.com/4973-1/", "reference_id": "USN-4973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4973-1/" }, { "reference_url": "https://usn.ubuntu.com/4973-2/", "reference_id": "USN-4973-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4973-2/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936983?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u2?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" } ], "aliases": [ "CVE-2021-29921" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z48d-eyxz-bycq" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u2%3Fdistro=bullseye" }