Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
Typedeb
Namespacedebian
Namepython3.9
Version3.9.2-1+deb11u4
Qualifiers
distro bullseye
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.9.2-1+deb11u5
Latest_non_vulnerable_version3.9.2-1+deb11u6
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1uk5-6yqb-dyb5
vulnerability_id VCID-1uk5-6yqb-dyb5
summary cpython: Out-of-memory when loading Plist
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13837.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13837.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-13837
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.10652
published_at 2026-04-02T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.10621
published_at 2026-04-24T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.10713
published_at 2026-04-04T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.1057
published_at 2026-04-07T12:55:00Z
4
value 0.00036
scoring_system epss
scoring_elements 0.10643
published_at 2026-04-08T12:55:00Z
5
value 0.00036
scoring_system epss
scoring_elements 0.10701
published_at 2026-04-09T12:55:00Z
6
value 0.00036
scoring_system epss
scoring_elements 0.10714
published_at 2026-04-11T12:55:00Z
7
value 0.00036
scoring_system epss
scoring_elements 0.10683
published_at 2026-04-12T12:55:00Z
8
value 0.00036
scoring_system epss
scoring_elements 0.10659
published_at 2026-04-13T12:55:00Z
9
value 0.00036
scoring_system epss
scoring_elements 0.10522
published_at 2026-04-16T12:55:00Z
10
value 0.00036
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-18T12:55:00Z
11
value 0.00036
scoring_system epss
scoring_elements 0.10668
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-13837
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13837
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126782
reference_id 1126782
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126782
5
reference_url https://github.com/python/cpython/issues/119342
reference_id 119342
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:23:28Z/
url https://github.com/python/cpython/issues/119342
6
reference_url https://github.com/python/cpython/pull/119343
reference_id 119343
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:23:28Z/
url https://github.com/python/cpython/pull/119343
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418084
reference_id 2418084
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2418084
8
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C/
reference_id 2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:23:28Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/2X5IBCJXRQAZ5PSERLHMSJFBHFR3QM2C/
9
reference_url https://github.com/python/cpython/commit/568342cfc8f002d9a15f30238f26b9d2e0e79036
reference_id 568342cfc8f002d9a15f30238f26b9d2e0e79036
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:23:28Z/
url https://github.com/python/cpython/commit/568342cfc8f002d9a15f30238f26b9d2e0e79036
10
reference_url https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b
reference_id 5a8b19677d818fb41ee55f310233772e15aa1a2b
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:23:28Z/
url https://github.com/python/cpython/commit/5a8b19677d818fb41ee55f310233772e15aa1a2b
11
reference_url https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70
reference_id 694922cf40aa3a28f898b5f5ee08b71b4922df70
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:23:28Z/
url https://github.com/python/cpython/commit/694922cf40aa3a28f898b5f5ee08b71b4922df70
12
reference_url https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba
reference_id 71fa8eb8233b37f16c88b6e3e583b461b205d1ba
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:23:28Z/
url https://github.com/python/cpython/commit/71fa8eb8233b37f16c88b6e3e583b461b205d1ba
13
reference_url https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb
reference_id b64441e4852383645af5b435411a6f849dd1b4cb
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:23:28Z/
url https://github.com/python/cpython/commit/b64441e4852383645af5b435411a6f849dd1b4cb
14
reference_url https://github.com/python/cpython/commit/cefee7d118a26ef6cd43db59bb9d98ca9a331111
reference_id cefee7d118a26ef6cd43db59bb9d98ca9a331111
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:23:28Z/
url https://github.com/python/cpython/commit/cefee7d118a26ef6cd43db59bb9d98ca9a331111
15
reference_url https://access.redhat.com/errata/RHSA-2026:7443
reference_id RHSA-2026:7443
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7443
16
reference_url https://access.redhat.com/errata/RHSA-2026:7661
reference_id RHSA-2026:7661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7661
17
reference_url https://access.redhat.com/errata/RHSA-2026:8822
reference_id RHSA-2026:8822
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8822
18
reference_url https://access.redhat.com/errata/RHSA-2026:8824
reference_id RHSA-2026:8824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8824
19
reference_url https://usn.ubuntu.com/8018-1/
reference_id USN-8018-1
reference_type
scores
url https://usn.ubuntu.com/8018-1/
fixed_packages
0
url pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye
1
url pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u4%3Fdistro=bullseye
aliases CVE-2025-13837
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1uk5-6yqb-dyb5
1
url VCID-5maz-1h1k-3qfj
vulnerability_id VCID-5maz-1h1k-3qfj
summary Multiple vulberabilities have been discovered in Python and PyPy, the worst of which can lead to privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4516.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4516.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-4516
reference_id
reference_type
scores
0
value 0.00209
scoring_system epss
scoring_elements 0.43354
published_at 2026-04-02T12:55:00Z
1
value 0.00209
scoring_system epss
scoring_elements 0.43274
published_at 2026-04-24T12:55:00Z
2
value 0.00209
scoring_system epss
scoring_elements 0.43381
published_at 2026-04-04T12:55:00Z
3
value 0.00209
scoring_system epss
scoring_elements 0.43319
published_at 2026-04-07T12:55:00Z
4
value 0.00209
scoring_system epss
scoring_elements 0.43371
published_at 2026-04-08T12:55:00Z
5
value 0.00209
scoring_system epss
scoring_elements 0.43386
published_at 2026-04-09T12:55:00Z
6
value 0.00209
scoring_system epss
scoring_elements 0.43406
published_at 2026-04-11T12:55:00Z
7
value 0.00209
scoring_system epss
scoring_elements 0.43374
published_at 2026-04-12T12:55:00Z
8
value 0.00209
scoring_system epss
scoring_elements 0.43359
published_at 2026-04-13T12:55:00Z
9
value 0.00209
scoring_system epss
scoring_elements 0.43418
published_at 2026-04-16T12:55:00Z
10
value 0.00209
scoring_system epss
scoring_elements 0.43407
published_at 2026-04-18T12:55:00Z
11
value 0.00209
scoring_system epss
scoring_elements 0.43341
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-4516
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4516
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/python/cpython/pull/129648
reference_id 129648
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/
url https://github.com/python/cpython/pull/129648
5
reference_url https://github.com/python/cpython/issues/133767
reference_id 133767
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/
url https://github.com/python/cpython/issues/133767
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2366509
reference_id 2366509
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2366509
7
reference_url https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292
reference_id 4398b788ffc1f954a2c552da285477d42a571292
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/
url https://github.com/python/cpython/commit/4398b788ffc1f954a2c552da285477d42a571292
8
reference_url https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d
reference_id 6279eb8c076d89d3739a6edb393e43c7929b429d
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/
url https://github.com/python/cpython/commit/6279eb8c076d89d3739a6edb393e43c7929b429d
9
reference_url https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142
reference_id 69b4387f78f413e8c47572a85b3478c47eba8142
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/
url https://github.com/python/cpython/commit/69b4387f78f413e8c47572a85b3478c47eba8142
10
reference_url https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f
reference_id 73b3040f592436385007918887b7e2132aa8431f
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/
url https://github.com/python/cpython/commit/73b3040f592436385007918887b7e2132aa8431f
11
reference_url https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77
reference_id 8d35fd1b34935221aff23a1ab69a429dd156be77
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/
url https://github.com/python/cpython/commit/8d35fd1b34935221aff23a1ab69a429dd156be77
12
reference_url https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e
reference_id 9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/
url https://github.com/python/cpython/commit/9f69a58623bd01349a18ba0c7a9cb1dad6a51e8e
13
reference_url https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b
reference_id ab9893c40609935e0d40a6d2a7307ea51aec598b
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/
url https://github.com/python/cpython/commit/ab9893c40609935e0d40a6d2a7307ea51aec598b
14
reference_url https://security.gentoo.org/glsa/202506-07
reference_id GLSA-202506-07
reference_type
scores
url https://security.gentoo.org/glsa/202506-07
15
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/
reference_id L75IPBBTSCYEF56I2M4KIW353BB3AY74
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:18:44Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/
16
reference_url https://access.redhat.com/errata/RHSA-2025:23530
reference_id RHSA-2025:23530
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23530
17
reference_url https://usn.ubuntu.com/7570-1/
reference_id USN-7570-1
reference_type
scores
url https://usn.ubuntu.com/7570-1/
fixed_packages
0
url pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye
1
url pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u4%3Fdistro=bullseye
aliases CVE-2025-4516
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5maz-1h1k-3qfj
2
url VCID-8dtv-379a-wqfs
vulnerability_id VCID-8dtv-379a-wqfs
summary cpython: Excessive read buffering DoS in http.client
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13836.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13836.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-13836
reference_id
reference_type
scores
0
value 0.00196
scoring_system epss
scoring_elements 0.41585
published_at 2026-04-02T12:55:00Z
1
value 0.00196
scoring_system epss
scoring_elements 0.41411
published_at 2026-04-24T12:55:00Z
2
value 0.00196
scoring_system epss
scoring_elements 0.41613
published_at 2026-04-04T12:55:00Z
3
value 0.00196
scoring_system epss
scoring_elements 0.41539
published_at 2026-04-07T12:55:00Z
4
value 0.00196
scoring_system epss
scoring_elements 0.41589
published_at 2026-04-08T12:55:00Z
5
value 0.00196
scoring_system epss
scoring_elements 0.41599
published_at 2026-04-09T12:55:00Z
6
value 0.00196
scoring_system epss
scoring_elements 0.41621
published_at 2026-04-11T12:55:00Z
7
value 0.00196
scoring_system epss
scoring_elements 0.41587
published_at 2026-04-12T12:55:00Z
8
value 0.00196
scoring_system epss
scoring_elements 0.41574
published_at 2026-04-13T12:55:00Z
9
value 0.00196
scoring_system epss
scoring_elements 0.4162
published_at 2026-04-16T12:55:00Z
10
value 0.00196
scoring_system epss
scoring_elements 0.41594
published_at 2026-04-18T12:55:00Z
11
value 0.00196
scoring_system epss
scoring_elements 0.41518
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-13836
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13836
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126783
reference_id 1126783
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126783
5
reference_url https://github.com/python/cpython/issues/119451
reference_id 119451
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/
url https://github.com/python/cpython/issues/119451
6
reference_url https://github.com/python/cpython/pull/119454
reference_id 119454
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/
url https://github.com/python/cpython/pull/119454
7
reference_url https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628
reference_id 14b1fdb0a94b96f86fc7b86671ea9582b8676628
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/
url https://github.com/python/cpython/commit/14b1fdb0a94b96f86fc7b86671ea9582b8676628
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418078
reference_id 2418078
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2418078
9
reference_url https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15
reference_id 289f29b0fe38baf2d7cb5854f4bb573cc34a6a15
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/
url https://github.com/python/cpython/commit/289f29b0fe38baf2d7cb5854f4bb573cc34a6a15
10
reference_url https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155
reference_id 4ce27904b597c77d74dd93f2c912676021a99155
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/
url https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155
11
reference_url https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5
reference_id 5a4c4a033a4a54481be6870aa1896fad732555b5
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/
url https://github.com/python/cpython/commit/5a4c4a033a4a54481be6870aa1896fad732555b5
12
reference_url https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0
reference_id 5dc101675fd22918facbbe0fecdc821502beaaf0
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/
url https://github.com/python/cpython/commit/5dc101675fd22918facbbe0fecdc821502beaaf0
13
reference_url https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c
reference_id afc40bdd3dd71f343fd9016f6d8eebbacbd6587c
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/
url https://github.com/python/cpython/commit/afc40bdd3dd71f343fd9016f6d8eebbacbd6587c
14
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/
reference_id OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:32:37Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/OQ6G7MKRQIS3OAREC3HNG3D2DPOU34XO/
15
reference_url https://access.redhat.com/errata/RHSA-2026:1374
reference_id RHSA-2026:1374
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1374
16
reference_url https://access.redhat.com/errata/RHSA-2026:1408
reference_id RHSA-2026:1408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1408
17
reference_url https://access.redhat.com/errata/RHSA-2026:1410
reference_id RHSA-2026:1410
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1410
18
reference_url https://access.redhat.com/errata/RHSA-2026:1736
reference_id RHSA-2026:1736
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1736
19
reference_url https://access.redhat.com/errata/RHSA-2026:1828
reference_id RHSA-2026:1828
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1828
20
reference_url https://access.redhat.com/errata/RHSA-2026:1892
reference_id RHSA-2026:1892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1892
21
reference_url https://access.redhat.com/errata/RHSA-2026:1893
reference_id RHSA-2026:1893
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1893
22
reference_url https://access.redhat.com/errata/RHSA-2026:1922
reference_id RHSA-2026:1922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1922
23
reference_url https://access.redhat.com/errata/RHSA-2026:2084
reference_id RHSA-2026:2084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2084
24
reference_url https://access.redhat.com/errata/RHSA-2026:2233
reference_id RHSA-2026:2233
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2233
25
reference_url https://access.redhat.com/errata/RHSA-2026:2419
reference_id RHSA-2026:2419
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2419
26
reference_url https://access.redhat.com/errata/RHSA-2026:2563
reference_id RHSA-2026:2563
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2563
27
reference_url https://access.redhat.com/errata/RHSA-2026:3897
reference_id RHSA-2026:3897
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3897
28
reference_url https://access.redhat.com/errata/RHSA-2026:3900
reference_id RHSA-2026:3900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3900
29
reference_url https://access.redhat.com/errata/RHSA-2026:4943
reference_id RHSA-2026:4943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4943
30
reference_url https://access.redhat.com/errata/RHSA-2026:7443
reference_id RHSA-2026:7443
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7443
31
reference_url https://access.redhat.com/errata/RHSA-2026:7661
reference_id RHSA-2026:7661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7661
32
reference_url https://access.redhat.com/errata/RHSA-2026:8746
reference_id RHSA-2026:8746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8746
33
reference_url https://access.redhat.com/errata/RHSA-2026:8747
reference_id RHSA-2026:8747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8747
34
reference_url https://access.redhat.com/errata/RHSA-2026:8748
reference_id RHSA-2026:8748
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8748
35
reference_url https://access.redhat.com/errata/RHSA-2026:8822
reference_id RHSA-2026:8822
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8822
36
reference_url https://access.redhat.com/errata/RHSA-2026:8824
reference_id RHSA-2026:8824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8824
37
reference_url https://usn.ubuntu.com/7951-1/
reference_id USN-7951-1
reference_type
scores
url https://usn.ubuntu.com/7951-1/
fixed_packages
0
url pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye
1
url pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u4%3Fdistro=bullseye
aliases CVE-2025-13836
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8dtv-379a-wqfs
3
url VCID-emaw-jmek-9bcy
vulnerability_id VCID-emaw-jmek-9bcy
summary cpython: Python HTMLParser quadratic complexity
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6069.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6069.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6069
reference_id
reference_type
scores
0
value 0.00283
scoring_system epss
scoring_elements 0.51588
published_at 2026-04-02T12:55:00Z
1
value 0.00306
scoring_system epss
scoring_elements 0.5389
published_at 2026-04-11T12:55:00Z
2
value 0.00306
scoring_system epss
scoring_elements 0.53842
published_at 2026-04-09T12:55:00Z
3
value 0.00306
scoring_system epss
scoring_elements 0.53844
published_at 2026-04-08T12:55:00Z
4
value 0.00306
scoring_system epss
scoring_elements 0.53818
published_at 2026-04-04T12:55:00Z
5
value 0.00306
scoring_system epss
scoring_elements 0.53792
published_at 2026-04-07T12:55:00Z
6
value 0.00306
scoring_system epss
scoring_elements 0.53873
published_at 2026-04-12T12:55:00Z
7
value 0.00864
scoring_system epss
scoring_elements 0.75159
published_at 2026-04-24T12:55:00Z
8
value 0.00864
scoring_system epss
scoring_elements 0.75086
published_at 2026-04-13T12:55:00Z
9
value 0.00864
scoring_system epss
scoring_elements 0.75123
published_at 2026-04-16T12:55:00Z
10
value 0.00864
scoring_system epss
scoring_elements 0.7513
published_at 2026-04-18T12:55:00Z
11
value 0.00864
scoring_system epss
scoring_elements 0.7512
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6069
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6069
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6069
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109376
reference_id 1109376
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109376
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118430
reference_id 1118430
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118430
6
reference_url https://github.com/python/cpython/issues/135462
reference_id 135462
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/
url https://github.com/python/cpython/issues/135462
7
reference_url https://github.com/python/cpython/pull/135464
reference_id 135464
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/
url https://github.com/python/cpython/pull/135464
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373234
reference_id 2373234
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373234
9
reference_url https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949
reference_id 4455cbabf991e202185a25a631af206f60bbc949
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/
url https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949
10
reference_url https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41
reference_id 6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/
url https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41
11
reference_url https://github.com/python/cpython/commit/8d1b3dfa09135affbbf27fb8babcf3c11415df49
reference_id 8d1b3dfa09135affbbf27fb8babcf3c11415df49
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/
url https://github.com/python/cpython/commit/8d1b3dfa09135affbbf27fb8babcf3c11415df49
12
reference_url https://github.com/python/cpython/commit/ab0893fd5c579d9cea30841680e6d35fc478afb5
reference_id ab0893fd5c579d9cea30841680e6d35fc478afb5
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/
url https://github.com/python/cpython/commit/ab0893fd5c579d9cea30841680e6d35fc478afb5
13
reference_url https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b
reference_id d851f8e258c7328814943e923a7df81bca15df4b
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/
url https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b
14
reference_url https://github.com/python/cpython/commit/f3c6f882cddc8dc30320d2e73edf019e201394fc
reference_id f3c6f882cddc8dc30320d2e73edf019e201394fc
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/
url https://github.com/python/cpython/commit/f3c6f882cddc8dc30320d2e73edf019e201394fc
15
reference_url https://github.com/python/cpython/commit/fdc9d214c01cb4588f540cfa03726bbf2a33fc15
reference_id fdc9d214c01cb4588f540cfa03726bbf2a33fc15
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/
url https://github.com/python/cpython/commit/fdc9d214c01cb4588f540cfa03726bbf2a33fc15
16
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/
reference_id K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T13:58:28Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/
17
reference_url https://access.redhat.com/errata/RHSA-2025:23342
reference_id RHSA-2025:23342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23342
18
reference_url https://access.redhat.com/errata/RHSA-2025:23530
reference_id RHSA-2025:23530
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23530
19
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
20
reference_url https://access.redhat.com/errata/RHSA-2026:0685
reference_id RHSA-2026:0685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0685
21
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
22
reference_url https://access.redhat.com/errata/RHSA-2026:1858
reference_id RHSA-2026:1858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1858
23
reference_url https://usn.ubuntu.com/7710-1/
reference_id USN-7710-1
reference_type
scores
url https://usn.ubuntu.com/7710-1/
fixed_packages
0
url pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye
1
url pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u4%3Fdistro=bullseye
aliases CVE-2025-6069
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-emaw-jmek-9bcy
4
url VCID-ewbq-2gm8-tyf5
vulnerability_id VCID-ewbq-2gm8-tyf5
summary 
Buffer overflow in sponge queue functions
### Impact

The Keccak sponge function interface accepts partial inputs to be absorbed and partial outputs to be squeezed. A buffer can overflow when partial data with some specific sizes are queued, where at least one of them has a length of 2^32 - 200 bytes or more.

### Patches

Yes, see commit [fdc6fef0](https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a).

### Workarounds

The problem can be avoided by limiting the size of the partial input data (or partial output digest) below 2^32 - 200 bytes. Multiple calls to the queue system can be chained at a higher level to retain the original functionality. Alternatively, one can process the entire input (or produce the entire output) at once, avoiding the queuing functions altogether.

### References

See [issue #105](https://github.com/XKCP/XKCP/issues/105) for more details.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37454.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37454.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-37454
reference_id
reference_type
scores
0
value 0.01329
scoring_system epss
scoring_elements 0.79931
published_at 2026-04-08T12:55:00Z
1
value 0.01329
scoring_system epss
scoring_elements 0.79894
published_at 2026-04-02T12:55:00Z
2
value 0.01329
scoring_system epss
scoring_elements 0.79915
published_at 2026-04-04T12:55:00Z
3
value 0.01329
scoring_system epss
scoring_elements 0.79935
published_at 2026-04-13T12:55:00Z
4
value 0.01329
scoring_system epss
scoring_elements 0.79943
published_at 2026-04-12T12:55:00Z
5
value 0.01329
scoring_system epss
scoring_elements 0.7996
published_at 2026-04-11T12:55:00Z
6
value 0.01329
scoring_system epss
scoring_elements 0.7994
published_at 2026-04-09T12:55:00Z
7
value 0.01329
scoring_system epss
scoring_elements 0.79903
published_at 2026-04-07T12:55:00Z
8
value 0.014
scoring_system epss
scoring_elements 0.80449
published_at 2026-04-21T12:55:00Z
9
value 0.014
scoring_system epss
scoring_elements 0.80475
published_at 2026-04-24T12:55:00Z
10
value 0.014
scoring_system epss
scoring_elements 0.80444
published_at 2026-04-16T12:55:00Z
11
value 0.014
scoring_system epss
scoring_elements 0.80446
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-37454
2
reference_url https://csrc.nist.gov/projects/hash-functions/sha-3-project
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://csrc.nist.gov/projects/hash-functions/sha-3-project
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31628
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31630
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37454
7
reference_url https://eprint.iacr.org/2023/331
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://eprint.iacr.org/2023/331
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/johanns/sha3/commit/5f2e8118a62831911703c8753ff2435c3b5d7312
10
reference_url https://github.com/johanns/sha3/issues/17
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/johanns/sha3/issues/17
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/sha3/CVE-2022-37454.yml
12
reference_url https://github.com/tiran/pysha3/issues/29
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/tiran/pysha3/issues/29
13
reference_url https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a
14
reference_url https://github.com/XKCP/XKCP/issues/105
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/XKCP/XKCP/issues/105
15
reference_url https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658
16
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html
17
reference_url https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/
26
reference_url https://mouha.be/sha-3-buffer-overflow
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://mouha.be/sha-3-buffer-overflow
27
reference_url https://mouha.be/sha-3-buffer-overflow/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://mouha.be/sha-3-buffer-overflow/
28
reference_url https://news.ycombinator.com/item?id=33281106
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://news.ycombinator.com/item?id=33281106
29
reference_url https://news.ycombinator.com/item?id=35050307
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://news.ycombinator.com/item?id=35050307
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-37454
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-37454
31
reference_url https://security.gentoo.org/glsa/202305-02
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://security.gentoo.org/glsa/202305-02
32
reference_url https://www.debian.org/security/2022/dsa-5267
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://www.debian.org/security/2022/dsa-5267
33
reference_url https://www.debian.org/security/2022/dsa-5269
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-08T15:03:12Z/
url https://www.debian.org/security/2022/dsa-5269
34
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030
reference_id 1023030
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030
35
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2140200
reference_id 2140200
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2140200
36
reference_url https://github.com/advisories/GHSA-6w4m-2xhg-2658
reference_id GHSA-6w4m-2xhg-2658
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6w4m-2xhg-2658
37
reference_url https://security.gentoo.org/glsa/202211-03
reference_id GLSA-202211-03
reference_type
scores
url https://security.gentoo.org/glsa/202211-03
38
reference_url https://access.redhat.com/errata/RHSA-2023:0848
reference_id RHSA-2023:0848
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0848
39
reference_url https://access.redhat.com/errata/RHSA-2023:0965
reference_id RHSA-2023:0965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0965
40
reference_url https://access.redhat.com/errata/RHSA-2023:2417
reference_id RHSA-2023:2417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2417
41
reference_url https://access.redhat.com/errata/RHSA-2023:2903
reference_id RHSA-2023:2903
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2903
42
reference_url https://usn.ubuntu.com/5717-1/
reference_id USN-5717-1
reference_type
scores
url https://usn.ubuntu.com/5717-1/
43
reference_url https://usn.ubuntu.com/5767-1/
reference_id USN-5767-1
reference_type
scores
url https://usn.ubuntu.com/5767-1/
44
reference_url https://usn.ubuntu.com/5767-3/
reference_id USN-5767-3
reference_type
scores
url https://usn.ubuntu.com/5767-3/
45
reference_url https://usn.ubuntu.com/5888-1/
reference_id USN-5888-1
reference_type
scores
url https://usn.ubuntu.com/5888-1/
46
reference_url https://usn.ubuntu.com/5930-1/
reference_id USN-5930-1
reference_type
scores
url https://usn.ubuntu.com/5930-1/
47
reference_url https://usn.ubuntu.com/5931-1/
reference_id USN-5931-1
reference_type
scores
url https://usn.ubuntu.com/5931-1/
48
reference_url https://usn.ubuntu.com/6524-1/
reference_id USN-6524-1
reference_type
scores
url https://usn.ubuntu.com/6524-1/
49
reference_url https://usn.ubuntu.com/6525-1/
reference_id USN-6525-1
reference_type
scores
url https://usn.ubuntu.com/6525-1/
fixed_packages
0
url pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye
1
url pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u4%3Fdistro=bullseye
aliases CVE-2022-37454, GHSA-6w4m-2xhg-2658
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ewbq-2gm8-tyf5
5
url VCID-fcsb-dn49-47gy
vulnerability_id VCID-fcsb-dn49-47gy
summary python: Quadratic complexity in os.path.expandvars() with user-controlled template
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6075.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6075.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6075
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05701
published_at 2026-04-04T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05661
published_at 2026-04-02T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.0576
published_at 2026-04-09T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05734
published_at 2026-04-08T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05694
published_at 2026-04-07T12:55:00Z
5
value 0.0003
scoring_system epss
scoring_elements 0.08587
published_at 2026-04-24T12:55:00Z
6
value 0.0003
scoring_system epss
scoring_elements 0.08574
published_at 2026-04-21T12:55:00Z
7
value 0.0003
scoring_system epss
scoring_elements 0.08553
published_at 2026-04-12T12:55:00Z
8
value 0.0003
scoring_system epss
scoring_elements 0.08536
published_at 2026-04-13T12:55:00Z
9
value 0.0003
scoring_system epss
scoring_elements 0.08429
published_at 2026-04-16T12:55:00Z
10
value 0.0003
scoring_system epss
scoring_elements 0.08414
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6075
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6075
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6075
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126777
reference_id 1126777
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126777
5
reference_url https://github.com/python/cpython/issues/136065
reference_id 136065
reference_type
scores
0
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/
url https://github.com/python/cpython/issues/136065
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2408891
reference_id 2408891
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2408891
7
reference_url https://github.com/python/cpython/commit/2e6150adccaaf5bd95d4c19dfd04a36e0b325d8c
reference_id 2e6150adccaaf5bd95d4c19dfd04a36e0b325d8c
reference_type
scores
0
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/
url https://github.com/python/cpython/commit/2e6150adccaaf5bd95d4c19dfd04a36e0b325d8c
8
reference_url https://github.com/python/cpython/commit/5dceb93486176e6b4a6d9754491005113eb23427
reference_id 5dceb93486176e6b4a6d9754491005113eb23427
reference_type
scores
0
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/
url https://github.com/python/cpython/commit/5dceb93486176e6b4a6d9754491005113eb23427
9
reference_url https://github.com/python/cpython/commit/631ba3407e3348ccd56ce5160c4fb2c5dc5f4d84
reference_id 631ba3407e3348ccd56ce5160c4fb2c5dc5f4d84
reference_type
scores
0
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/
url https://github.com/python/cpython/commit/631ba3407e3348ccd56ce5160c4fb2c5dc5f4d84
10
reference_url https://github.com/python/cpython/commit/892747b4cf0f95ba8beb51c0d0658bfaa381ebca
reference_id 892747b4cf0f95ba8beb51c0d0658bfaa381ebca
reference_type
scores
0
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/
url https://github.com/python/cpython/commit/892747b4cf0f95ba8beb51c0d0658bfaa381ebca
11
reference_url https://github.com/python/cpython/commit/9ab89c026aa9611c4b0b67c288b8303a480fe742
reference_id 9ab89c026aa9611c4b0b67c288b8303a480fe742
reference_type
scores
0
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/
url https://github.com/python/cpython/commit/9ab89c026aa9611c4b0b67c288b8303a480fe742
12
reference_url https://github.com/python/cpython/commit/c8a5f3435c342964e0a432cc9fb448b7dbecd1ba
reference_id c8a5f3435c342964e0a432cc9fb448b7dbecd1ba
reference_type
scores
0
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/
url https://github.com/python/cpython/commit/c8a5f3435c342964e0a432cc9fb448b7dbecd1ba
13
reference_url https://github.com/python/cpython/commit/f029e8db626ddc6e3a3beea4eff511a71aaceb5c
reference_id f029e8db626ddc6e3a3beea4eff511a71aaceb5c
reference_type
scores
0
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/
url https://github.com/python/cpython/commit/f029e8db626ddc6e3a3beea4eff511a71aaceb5c
14
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/
reference_id IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA
reference_type
scores
0
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-31T17:54:46Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/
15
reference_url https://access.redhat.com/errata/RHSA-2025:23342
reference_id RHSA-2025:23342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23342
16
reference_url https://access.redhat.com/errata/RHSA-2025:23530
reference_id RHSA-2025:23530
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23530
17
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
18
reference_url https://access.redhat.com/errata/RHSA-2026:0685
reference_id RHSA-2026:0685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0685
19
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
20
reference_url https://access.redhat.com/errata/RHSA-2026:7443
reference_id RHSA-2026:7443
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7443
21
reference_url https://access.redhat.com/errata/RHSA-2026:7661
reference_id RHSA-2026:7661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7661
22
reference_url https://access.redhat.com/errata/RHSA-2026:8822
reference_id RHSA-2026:8822
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8822
23
reference_url https://access.redhat.com/errata/RHSA-2026:8824
reference_id RHSA-2026:8824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8824
24
reference_url https://usn.ubuntu.com/7886-1/
reference_id USN-7886-1
reference_type
scores
url https://usn.ubuntu.com/7886-1/
25
reference_url https://usn.ubuntu.com/7886-2/
reference_id USN-7886-2
reference_type
scores
url https://usn.ubuntu.com/7886-2/
fixed_packages
0
url pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye
1
url pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u4%3Fdistro=bullseye
aliases CVE-2025-6075
risk_score 1.8
exploitability 0.5
weighted_severity 3.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcsb-dn49-47gy
6
url VCID-mtk7-qut6-syd8
vulnerability_id VCID-mtk7-qut6-syd8
summary cpython: Cpython infinite loop when parsing a tarfile
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8194.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8194.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-8194
reference_id
reference_type
scores
0
value 0.00176
scoring_system epss
scoring_elements 0.3921
published_at 2026-04-04T12:55:00Z
1
value 0.00176
scoring_system epss
scoring_elements 0.39174
published_at 2026-04-12T12:55:00Z
2
value 0.00176
scoring_system epss
scoring_elements 0.39211
published_at 2026-04-11T12:55:00Z
3
value 0.00176
scoring_system epss
scoring_elements 0.392
published_at 2026-04-09T12:55:00Z
4
value 0.00176
scoring_system epss
scoring_elements 0.39184
published_at 2026-04-08T12:55:00Z
5
value 0.00176
scoring_system epss
scoring_elements 0.39129
published_at 2026-04-07T12:55:00Z
6
value 0.0019
scoring_system epss
scoring_elements 0.40883
published_at 2026-04-02T12:55:00Z
7
value 0.00231
scoring_system epss
scoring_elements 0.45951
published_at 2026-04-18T12:55:00Z
8
value 0.00231
scoring_system epss
scoring_elements 0.45957
published_at 2026-04-16T12:55:00Z
9
value 0.00231
scoring_system epss
scoring_elements 0.45905
published_at 2026-04-13T12:55:00Z
10
value 0.00249
scoring_system epss
scoring_elements 0.48132
published_at 2026-04-21T12:55:00Z
11
value 0.00257
scoring_system epss
scoring_elements 0.49072
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-8194
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8194
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8194
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1124764
reference_id 1124764
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1124764
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126758
reference_id 1126758
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126758
6
reference_url https://github.com/python/cpython/issues/130577
reference_id 130577
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://github.com/python/cpython/issues/130577
7
reference_url https://github.com/python/cpython/pull/137027
reference_id 137027
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://github.com/python/cpython/pull/137027
8
reference_url https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
reference_id 1716ac5b82b73dbcbf23ad2eff8b33e1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2384043
reference_id 2384043
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2384043
10
reference_url https://github.com/python/cpython/commit/57f5981d6260ed21266e0c26951b8564cc252bc2
reference_id 57f5981d6260ed21266e0c26951b8564cc252bc2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://github.com/python/cpython/commit/57f5981d6260ed21266e0c26951b8564cc252bc2
11
reference_url https://github.com/python/cpython/commit/7040aa54f14676938970e10c5f74ea93cd56aa38
reference_id 7040aa54f14676938970e10c5f74ea93cd56aa38
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://github.com/python/cpython/commit/7040aa54f14676938970e10c5f74ea93cd56aa38
12
reference_url https://github.com/python/cpython/commit/73f03e4808206f71eb6b92c579505a220942ef19
reference_id 73f03e4808206f71eb6b92c579505a220942ef19
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://github.com/python/cpython/commit/73f03e4808206f71eb6b92c579505a220942ef19
13
reference_url https://github.com/python/cpython/commit/b4ec17488eedec36d3c05fec127df71c0071f6cb
reference_id b4ec17488eedec36d3c05fec127df71c0071f6cb
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://github.com/python/cpython/commit/b4ec17488eedec36d3c05fec127df71c0071f6cb
14
reference_url https://github.com/python/cpython/commit/c9d9f78feb1467e73fd29356c040bde1c104f29f
reference_id c9d9f78feb1467e73fd29356c040bde1c104f29f
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://github.com/python/cpython/commit/c9d9f78feb1467e73fd29356c040bde1c104f29f
15
reference_url https://github.com/python/cpython/commit/cdae923ffe187d6ef916c0f665a31249619193fe
reference_id cdae923ffe187d6ef916c0f665a31249619193fe
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://github.com/python/cpython/commit/cdae923ffe187d6ef916c0f665a31249619193fe
16
reference_url https://github.com/python/cpython/commit/fbc2a0ca9ac8aff6887f8ddf79b87b4510277227
reference_id fbc2a0ca9ac8aff6887f8ddf79b87b4510277227
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://github.com/python/cpython/commit/fbc2a0ca9ac8aff6887f8ddf79b87b4510277227
17
reference_url https://access.redhat.com/errata/RHSA-2025:14546
reference_id RHSA-2025:14546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14546
18
reference_url https://access.redhat.com/errata/RHSA-2025:14560
reference_id RHSA-2025:14560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14560
19
reference_url https://access.redhat.com/errata/RHSA-2025:14841
reference_id RHSA-2025:14841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14841
20
reference_url https://access.redhat.com/errata/RHSA-2025:14900
reference_id RHSA-2025:14900
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14900
21
reference_url https://access.redhat.com/errata/RHSA-2025:14984
reference_id RHSA-2025:14984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14984
22
reference_url https://access.redhat.com/errata/RHSA-2025:15007
reference_id RHSA-2025:15007
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15007
23
reference_url https://access.redhat.com/errata/RHSA-2025:15010
reference_id RHSA-2025:15010
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15010
24
reference_url https://access.redhat.com/errata/RHSA-2025:15019
reference_id RHSA-2025:15019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15019
25
reference_url https://access.redhat.com/errata/RHSA-2025:15348
reference_id RHSA-2025:15348
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15348
26
reference_url https://access.redhat.com/errata/RHSA-2025:15724
reference_id RHSA-2025:15724
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15724
27
reference_url https://access.redhat.com/errata/RHSA-2025:15800
reference_id RHSA-2025:15800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15800
28
reference_url https://access.redhat.com/errata/RHSA-2025:15968
reference_id RHSA-2025:15968
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15968
29
reference_url https://access.redhat.com/errata/RHSA-2025:16012
reference_id RHSA-2025:16012
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16012
30
reference_url https://access.redhat.com/errata/RHSA-2025:16016
reference_id RHSA-2025:16016
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16016
31
reference_url https://access.redhat.com/errata/RHSA-2025:16031
reference_id RHSA-2025:16031
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16031
32
reference_url https://access.redhat.com/errata/RHSA-2025:16062
reference_id RHSA-2025:16062
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16062
33
reference_url https://access.redhat.com/errata/RHSA-2025:16078
reference_id RHSA-2025:16078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16078
34
reference_url https://access.redhat.com/errata/RHSA-2025:16117
reference_id RHSA-2025:16117
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16117
35
reference_url https://access.redhat.com/errata/RHSA-2025:16118
reference_id RHSA-2025:16118
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16118
36
reference_url https://access.redhat.com/errata/RHSA-2025:16151
reference_id RHSA-2025:16151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16151
37
reference_url https://access.redhat.com/errata/RHSA-2025:16152
reference_id RHSA-2025:16152
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16152
38
reference_url https://access.redhat.com/errata/RHSA-2025:16153
reference_id RHSA-2025:16153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16153
39
reference_url https://access.redhat.com/errata/RHSA-2025:16262
reference_id RHSA-2025:16262
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16262
40
reference_url https://access.redhat.com/errata/RHSA-2025:16524
reference_id RHSA-2025:16524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16524
41
reference_url https://access.redhat.com/errata/RHSA-2025:19421
reference_id RHSA-2025:19421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19421
42
reference_url https://access.redhat.com/errata/RHSA-2025:19422
reference_id RHSA-2025:19422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19422
43
reference_url https://access.redhat.com/errata/RHSA-2025:19423
reference_id RHSA-2025:19423
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19423
44
reference_url https://access.redhat.com/errata/RHSA-2025:19424
reference_id RHSA-2025:19424
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19424
45
reference_url https://access.redhat.com/errata/RHSA-2025:19425
reference_id RHSA-2025:19425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19425
46
reference_url https://access.redhat.com/errata/RHSA-2025:19426
reference_id RHSA-2025:19426
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19426
47
reference_url https://access.redhat.com/errata/RHSA-2025:19427
reference_id RHSA-2025:19427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19427
48
reference_url https://access.redhat.com/errata/RHSA-2025:19428
reference_id RHSA-2025:19428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19428
49
reference_url https://access.redhat.com/errata/RHSA-2025:19429
reference_id RHSA-2025:19429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19429
50
reference_url https://access.redhat.com/errata/RHSA-2025:19430
reference_id RHSA-2025:19430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19430
51
reference_url https://usn.ubuntu.com/7710-1/
reference_id USN-7710-1
reference_type
scores
url https://usn.ubuntu.com/7710-1/
52
reference_url https://usn.ubuntu.com/7710-2/
reference_id USN-7710-2
reference_type
scores
url https://usn.ubuntu.com/7710-2/
53
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D/
reference_id ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-28T18:57:54Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/ZULLF3IZ726XP5EY7XJ7YIN3K5MDYR2D/
fixed_packages
0
url pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye
1
url pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u4%3Fdistro=bullseye
aliases CVE-2025-8194
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mtk7-qut6-syd8
7
url VCID-znkr-fxtj-4uc7
vulnerability_id VCID-znkr-fxtj-4uc7
summary cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8291.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8291.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-8291
reference_id
reference_type
scores
0
value 0.00114
scoring_system epss
scoring_elements 0.30092
published_at 2026-04-02T12:55:00Z
1
value 0.00114
scoring_system epss
scoring_elements 0.29835
published_at 2026-04-24T12:55:00Z
2
value 0.00114
scoring_system epss
scoring_elements 0.3014
published_at 2026-04-04T12:55:00Z
3
value 0.00114
scoring_system epss
scoring_elements 0.29954
published_at 2026-04-07T12:55:00Z
4
value 0.00114
scoring_system epss
scoring_elements 0.30015
published_at 2026-04-08T12:55:00Z
5
value 0.00114
scoring_system epss
scoring_elements 0.30049
published_at 2026-04-09T12:55:00Z
6
value 0.00114
scoring_system epss
scoring_elements 0.30055
published_at 2026-04-11T12:55:00Z
7
value 0.00114
scoring_system epss
scoring_elements 0.3001
published_at 2026-04-12T12:55:00Z
8
value 0.00114
scoring_system epss
scoring_elements 0.29961
published_at 2026-04-13T12:55:00Z
9
value 0.00114
scoring_system epss
scoring_elements 0.29977
published_at 2026-04-16T12:55:00Z
10
value 0.00114
scoring_system epss
scoring_elements 0.29956
published_at 2026-04-18T12:55:00Z
11
value 0.00114
scoring_system epss
scoring_elements 0.2991
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-8291
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8291
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8291
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118431
reference_id 1118431
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118431
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118432
reference_id 1118432
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118432
6
reference_url https://github.com/python/cpython/issues/139700
reference_id 139700
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/
url https://github.com/python/cpython/issues/139700
7
reference_url https://github.com/python/cpython/pull/139702
reference_id 139702
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/
url https://github.com/python/cpython/pull/139702
8
reference_url https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267
reference_id 162997bb70e067668c039700141770687bc8f267
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/
url https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267
9
reference_url https://github.com/python/cpython/commit/1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46
reference_id 1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/
url https://github.com/python/cpython/commit/1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2402342
reference_id 2402342
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2402342
11
reference_url https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6
reference_id 333d4a6f4967d3ace91492a39ededbcf3faa76a6
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/
url https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6
12
reference_url https://github.com/python/cpython/commit/76437ac248ad8ca44e9bf697b02b1e2241df2196
reference_id 76437ac248ad8ca44e9bf697b02b1e2241df2196
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/
url https://github.com/python/cpython/commit/76437ac248ad8ca44e9bf697b02b1e2241df2196
13
reference_url https://github.com/python/cpython/commit/8392b2f0d35678407d9ce7d95655a5b77de161b4
reference_id 8392b2f0d35678407d9ce7d95655a5b77de161b4
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/
url https://github.com/python/cpython/commit/8392b2f0d35678407d9ce7d95655a5b77de161b4
14
reference_url https://github.com/python/cpython/commit/bca11ae7d575d87ed93f5dd6a313be6246e3e388
reference_id bca11ae7d575d87ed93f5dd6a313be6246e3e388
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/
url https://github.com/python/cpython/commit/bca11ae7d575d87ed93f5dd6a313be6246e3e388
15
reference_url https://github.com/python/cpython/commit/d11e69d6203080e3ec450446bfed0516727b85c3
reference_id d11e69d6203080e3ec450446bfed0516727b85c3
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/
url https://github.com/python/cpython/commit/d11e69d6203080e3ec450446bfed0516727b85c3
16
reference_url https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/
reference_id QECOPWMTH4VPPJAXAH2BGTA4XADOP62G
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T15:15:06Z/
url https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/
17
reference_url https://access.redhat.com/errata/RHSA-2025:23323
reference_id RHSA-2025:23323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23323
18
reference_url https://access.redhat.com/errata/RHSA-2025:23342
reference_id RHSA-2025:23342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23342
19
reference_url https://access.redhat.com/errata/RHSA-2025:23530
reference_id RHSA-2025:23530
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23530
20
reference_url https://access.redhat.com/errata/RHSA-2025:23940
reference_id RHSA-2025:23940
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23940
21
reference_url https://access.redhat.com/errata/RHSA-2026:0123
reference_id RHSA-2026:0123
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0123
22
reference_url https://access.redhat.com/errata/RHSA-2026:0353
reference_id RHSA-2026:0353
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0353
23
reference_url https://access.redhat.com/errata/RHSA-2026:0354
reference_id RHSA-2026:0354
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0354
24
reference_url https://access.redhat.com/errata/RHSA-2026:0355
reference_id RHSA-2026:0355
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0355
25
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
26
reference_url https://access.redhat.com/errata/RHSA-2026:0685
reference_id RHSA-2026:0685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0685
27
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
28
reference_url https://access.redhat.com/errata/RHSA-2026:1858
reference_id RHSA-2026:1858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1858
29
reference_url https://access.redhat.com/errata/RHSA-2026:7443
reference_id RHSA-2026:7443
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7443
30
reference_url https://access.redhat.com/errata/RHSA-2026:7661
reference_id RHSA-2026:7661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7661
31
reference_url https://access.redhat.com/errata/RHSA-2026:8822
reference_id RHSA-2026:8822
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8822
32
reference_url https://access.redhat.com/errata/RHSA-2026:8824
reference_id RHSA-2026:8824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8824
33
reference_url https://usn.ubuntu.com/7886-1/
reference_id USN-7886-1
reference_type
scores
url https://usn.ubuntu.com/7886-1/
34
reference_url https://usn.ubuntu.com/7886-2/
reference_id USN-7886-2
reference_type
scores
url https://usn.ubuntu.com/7886-2/
fixed_packages
0
url pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye
1
url pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
purl pkg:deb/debian/python3.9@3.9.2-1%2Bdeb11u4?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u4%3Fdistro=bullseye
aliases CVE-2025-8291
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-znkr-fxtj-4uc7
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%252Bdeb11u4%3Fdistro=bullseye