Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/941470?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "type": "deb", "namespace": "debian", "name": "trafficserver", "version": "9.2.5+ds-0+deb12u3", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "9.2.5+ds-0+deb12u4", "latest_non_vulnerable_version": "9.2.5+ds-0+deb12u4", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134113?format=api", "vulnerability_id": "VCID-376v-6shk-8ycq", "summary": "Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, which makes it easier for man-in-the-middle attackers to poison the internal DNS cache via a crafted response.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.78981", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.7891", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.78916", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.78945", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.78928", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.78953", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.78959", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.78982", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.78967", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.78957", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01206", "scoring_system": "epss", "scoring_elements": "0.78985", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2952" }, { "reference_url": "http://secunia.com/advisories/41356", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/41356" }, { "reference_url": "http://securitytracker.com/id?1024417", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securitytracker.com/id?1024417" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61721" }, { "reference_url": "https://issues.apache.org/jira/browse/TS-425", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.apache.org/jira/browse/TS-425" }, { "reference_url": "http://trafficserver.apache.org/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trafficserver.apache.org/" }, { "reference_url": "http://www.nth-dimension.org.uk/pub/NDSA20100830.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.nth-dimension.org.uk/pub/NDSA20100830.txt.asc" }, { "reference_url": "http://www.securityfocus.com/archive/1/513598/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/513598/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/43111", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/43111" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2952", "reference_id": "CVE-2010-2952", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2952" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941471?format=api", "purl": "pkg:deb/debian/trafficserver@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2010-2952" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-376v-6shk-8ycq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95178?format=api", "vulnerability_id": "VCID-41x7-hv4u-byb9", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00921", "scoring_system": "epss", "scoring_elements": "0.75944", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00921", "scoring_system": "epss", "scoring_elements": "0.75912", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01339", "scoring_system": "epss", "scoring_elements": "0.80008", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01339", "scoring_system": "epss", "scoring_elements": "0.79971", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01339", "scoring_system": "epss", "scoring_elements": "0.79999", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01339", "scoring_system": "epss", "scoring_elements": "0.80028", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06551", "scoring_system": "epss", "scoring_elements": "0.91164", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06551", "scoring_system": "epss", "scoring_elements": "0.91137", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06551", "scoring_system": "epss", "scoring_elements": "0.91136", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06551", "scoring_system": "epss", "scoring_elements": "0.91161", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392" }, { "reference_url": "https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02", "reference_id": "mrj2lg4s0hf027rk7gz8t7hbn9xpfg02", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:20:46Z/" } ], "url": "https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941497?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.6%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.6%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941496?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.4%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-32749" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-41x7-hv4u-byb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96130?format=api", "vulnerability_id": "VCID-4738-xk8n-hbac", "summary": "Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38311", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24008", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24026", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24039", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.5085", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73033", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73071", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.7305", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73047", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.73", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.7302", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00745", "scoring_system": "epss", "scoring_elements": "0.72996", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38311" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691", "reference_id": "1099691", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691" }, { "reference_url": "https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023", "reference_id": "btofzws2yqskk2n7f01r3l1819x01023", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:35:26Z/" } ], "url": "https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941509?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" } ], "aliases": [ "CVE-2024-38311" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4738-xk8n-hbac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349305?format=api", "vulnerability_id": "VCID-4hs3-be7k-9qe7", "summary": "Apache Traffic Server allows request smuggling if chunked messages are malformed. \n\nThis issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1.\n\nUsers are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-65114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08219", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37207", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43424", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43358", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.43969", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44031", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44017", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.43999", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44002", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.43984", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-65114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65114" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132717", "reference_id": "1132717", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132717" }, { "reference_url": "https://lists.apache.org/thread/2s11roxlv1j8ph6q52rqo1klvl01n14q", "reference_id": "2s11roxlv1j8ph6q52rqo1klvl01n14q", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-02T18:09:43Z/" } ], "url": "https://lists.apache.org/thread/2s11roxlv1j8ph6q52rqo1klvl01n14q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000497?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid" } ], "aliases": [ "CVE-2025-65114" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4hs3-be7k-9qe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92731?format=api", "vulnerability_id": "VCID-4js5-31yx-gkf1", "summary": "Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168.", "references": [ { "reference_url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201509.mbox/%3CCABF6JR2j5vesvnjbm6sDPB_zAGj3kNgzzHEpLUh6dWG6t8mC2w%40mail.gmail.com%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201509.mbox/%3CCABF6JR2j5vesvnjbm6sDPB_zAGj3kNgzzHEpLUh6dWG6t8mC2w%40mail.gmail.com%3E" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83283", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83282", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83178", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83195", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83209", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83207", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83232", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83239", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83255", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.83244", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01903", "scoring_system": "epss", "scoring_elements": "0.8328", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5206" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:5.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:5.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5206", "reference_id": "CVE-2015-5206", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5206" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941479?format=api", "purl": "pkg:deb/debian/trafficserver@6.0.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@6.0.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2015-5206" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4js5-31yx-gkf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95550?format=api", "vulnerability_id": "VCID-4men-293s-3bhn", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.5319", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53214", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53235", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53229", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.5328", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53266", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53248", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00299", "scoring_system": "epss", "scoring_elements": "0.53286", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60768", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60753", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043430", "reference_id": "1043430", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043430" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/", "reference_id": "BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:29:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/" }, { "reference_url": "https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc", "reference_id": "jsl6dfdgs1mjjo1mbtyflyjr7xftswhc", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:29:05Z/" } ], "url": "https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html", "reference_id": "msg00042.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:29:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941502?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.9%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.9%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941503?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.2%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.2%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941501?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-33934" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4men-293s-3bhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96312?format=api", "vulnerability_id": "VCID-4uhe-mtbx-nfdu", "summary": "Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56195", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21964", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21969", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22397", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39335", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70674", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70712", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70696", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.7069", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70632", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70651", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70628", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56195", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56195" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691", "reference_id": "1099691", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691" }, { "reference_url": "https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023", "reference_id": "btofzws2yqskk2n7f01r3l1819x01023", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:36:13Z/" } ], "url": "https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941509?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" } ], "aliases": [ "CVE-2024-56195" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4uhe-mtbx-nfdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94834?format=api", "vulnerability_id": "VCID-4wwn-74ac-p7dp", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.7853", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.78536", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.78566", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.78549", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.78575", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.78581", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.78605", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.78587", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.78578", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.78607", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01159", "scoring_system": "epss", "scoring_elements": "0.78602", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/", "reference_id": "CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T18:45:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5206", "reference_id": "dsa-5206", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T18:45:09Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5206" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00019.html", "reference_id": "msg00019.html", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T18:45:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00019.html" }, { "reference_url": "https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21", "reference_id": "rc64lwbdgrkv674koc3zl1sljr9vwg21", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T18:45:09Z/" } ], "url": "https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/", "reference_id": "ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T18:45:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941493?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941492?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-37150" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4wwn-74ac-p7dp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87395?format=api", "vulnerability_id": "VCID-568b-s8ks-vfa6", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.79002", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78974", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78928", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78934", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78961", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78945", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.7897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78976", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78999", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78984", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481" }, { "reference_url": "https://lists.apache.org/thread.html/r99d18d0bc4daa05e7d0e5a63e0e22701a421b2ef5a8f4f7694c43869%40%3Cannounce.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r99d18d0bc4daa05e7d0e5a63e0e22701a421b2ef5a8f4f7694c43869%40%3Cannounce.trafficserver.apache.org%3E" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4672" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17565", "reference_id": "CVE-2019-17565", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17565" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941485?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.6%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.6%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2019-17565" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-568b-s8ks-vfa6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4443?format=api", "vulnerability_id": "VCID-5781-s1ny-q7ey", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json" }, { "reference_url": "https://akka.io/security/akka-http-cve-2023-44487.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://akka.io/security/akka-http-cve-2023-44487.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.94385", "scoring_system": "epss", "scoring_elements": "0.9997", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.94385", "scoring_system": "epss", "scoring_elements": "0.99971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.94395", "scoring_system": "epss", "scoring_elements": "0.99974", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.9446", "scoring_system": "epss", "scoring_elements": "0.99993", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-44487" }, { "reference_url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size" }, { "reference_url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/" }, { "reference_url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011" }, { "reference_url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/" }, { "reference_url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack" }, { "reference_url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/" }, { "reference_url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack" }, { "reference_url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/" }, { "reference_url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty" }, { "reference_url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/" }, { "reference_url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123" }, { "reference_url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9" }, { "reference_url": "https://chaos.social/@icing/111210915918780532", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://chaos.social/@icing/111210915918780532" }, { "reference_url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps" }, { "reference_url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/" }, { "reference_url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack" }, { "reference_url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752" }, { "reference_url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715" }, { "reference_url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve" }, { "reference_url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088" }, { "reference_url": "https://github.com/akka/akka-http/issues/4323", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/akka/akka-http/issues/4323" }, { "reference_url": "https://github.com/akka/akka-http/pull/4324", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/akka/akka-http/pull/4324" }, { "reference_url": "https://github.com/akka/akka-http/pull/4325", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/akka/akka-http/pull/4325" }, { "reference_url": "https://github.com/alibaba/tengine/issues/1872", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/alibaba/tengine/issues/1872" }, { "reference_url": "https://github.com/apache/apisix/issues/10320", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/apache/apisix/issues/10320" }, { "reference_url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113" }, { "reference_url": "https://github.com/apache/httpd-site/pull/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/apache/httpd-site/pull/10" }, { "reference_url": "https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a" }, { "reference_url": "https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49" }, { "reference_url": "https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628" }, { "reference_url": "https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e" }, { "reference_url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2" }, { "reference_url": "https://github.com/apache/trafficserver/pull/10564", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/apache/trafficserver/pull/10564" }, { "reference_url": "https://github.com/apple/swift-nio-http2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apple/swift-nio-http2" }, { "reference_url": "https://github.com/Azure/AKS/issues/3947", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/Azure/AKS/issues/3947" }, { "reference_url": "https://github.com/caddyserver/caddy/issues/5877", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/caddyserver/caddy/issues/5877" }, { "reference_url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5" }, { "reference_url": "https://github.com/dotnet/announcements/issues/277", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/dotnet/announcements/issues/277" }, { "reference_url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73" }, { "reference_url": "https://github.com/eclipse/jetty.project/issues/10679", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/eclipse/jetty.project/issues/10679" }, { "reference_url": "https://github.com/envoyproxy/envoy/pull/30055", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/envoyproxy/envoy/pull/30055" }, { "reference_url": "https://github.com/etcd-io/etcd/issues/16740", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/etcd-io/etcd/issues/16740" }, { "reference_url": "https://github.com/facebook/proxygen/pull/466", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/facebook/proxygen/pull/466" }, { "reference_url": "https://github.com/golang/go/issues/63417", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/golang/go/issues/63417" }, { "reference_url": "https://github.com/grpc/grpc-go/pull/6703", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/grpc/grpc-go/pull/6703" }, { "reference_url": "https://github.com/grpc/grpc-go/releases", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/grpc/grpc-go/releases" }, { "reference_url": "https://github.com/grpc/grpc/releases/tag/v1.59.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/grpc/grpc/releases/tag/v1.59.2" }, { "reference_url": "https://github.com/h2o/h2o/pull/3291", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/h2o/h2o/pull/3291" }, { "reference_url": "https://github.com/haproxy/haproxy/issues/2312", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/haproxy/haproxy/issues/2312" }, { "reference_url": "https://github.com/hyperium/hyper/issues/3337", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/hyperium/hyper/issues/3337" }, { "reference_url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244" }, { "reference_url": "https://github.com/junkurihara/rust-rpxy/issues/97", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/junkurihara/rust-rpxy/issues/97" }, { "reference_url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1" }, { "reference_url": "https://github.com/kazu-yamamoto/http2/issues/93", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/kazu-yamamoto/http2/issues/93" }, { "reference_url": "https://github.com/Kong/kong/discussions/11741", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/Kong/kong/discussions/11741" }, { "reference_url": "https://github.com/kubernetes/kubernetes/pull/121120", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/kubernetes/kubernetes/pull/121120" }, { "reference_url": "https://github.com/line/armeria/pull/5232", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/line/armeria/pull/5232" }, { "reference_url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632" }, { "reference_url": "https://github.com/micrictor/http2-rst-stream", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/micrictor/http2-rst-stream" }, { "reference_url": "https://github.com/microsoft/CBL-Mariner/pull/6381", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/microsoft/CBL-Mariner/pull/6381" }, { "reference_url": "https://github.com/netty/netty", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty" }, { "reference_url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61" }, { "reference_url": "https://github.com/nghttp2/nghttp2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nghttp2/nghttp2" }, { "reference_url": "https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832" }, { "reference_url": "https://github.com/nghttp2/nghttp2/pull/1961", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/nghttp2/nghttp2/pull/1961" }, { "reference_url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0" }, { "reference_url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg" }, { "reference_url": "https://github.com/ninenines/cowboy/issues/1615", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/ninenines/cowboy/issues/1615" }, { "reference_url": "https://github.com/nodejs/node/pull/50121", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/nodejs/node/pull/50121" }, { "reference_url": "https://github.com/openresty/openresty/issues/930", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/openresty/openresty/issues/930" }, { "reference_url": "https://github.com/opensearch-project/data-prepper/issues/3474", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/opensearch-project/data-prepper/issues/3474" }, { "reference_url": "https://github.com/oqtane/oqtane.framework/discussions/3367", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/oqtane/oqtane.framework/discussions/3367" }, { "reference_url": "https://github.com/projectcontour/contour/pull/5826", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/projectcontour/contour/pull/5826" }, { "reference_url": "https://github.com/tempesta-tech/tempesta/issues/1986", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/tempesta-tech/tempesta/issues/1986" }, { "reference_url": "https://github.com/varnishcache/varnish-cache/issues/3996", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/varnishcache/varnish-cache/issues/3996" }, { "reference_url": "https://go.dev/cl/534215", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/534215" }, { "reference_url": "https://go.dev/cl/534235", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/534235" }, { "reference_url": "https://go.dev/issue/63417", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/issue/63417" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ" }, { "reference_url": "https://istio.io/latest/news/security/istio-security-2023-004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://istio.io/latest/news/security/istio-security-2023-004" }, { "reference_url": "https://istio.io/latest/news/security/istio-security-2023-004/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://istio.io/latest/news/security/istio-security-2023-004/" }, { "reference_url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487" }, { "reference_url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/" }, { "reference_url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4" }, { "reference_url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html" }, { "reference_url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html" }, { "reference_url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html" }, { "reference_url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2" }, { "reference_url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/" }, { "reference_url": "https://my.f5.com/manage/s/article/K000137106", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://my.f5.com/manage/s/article/K000137106" }, { "reference_url": "https://netty.io/news/2023/10/10/4-1-100-Final.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://netty.io/news/2023/10/10/4-1-100-Final.html" }, { "reference_url": "https://news.ycombinator.com/item?id=37830987", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://news.ycombinator.com/item?id=37830987" }, { "reference_url": "https://news.ycombinator.com/item?id=37830998", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://news.ycombinator.com/item?id=37830998" }, { "reference_url": "https://news.ycombinator.com/item?id=37831062", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://news.ycombinator.com/item?id=37831062" }, { "reference_url": "https://news.ycombinator.com/item?id=37837043", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://news.ycombinator.com/item?id=37837043" }, { "reference_url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response" }, { "reference_url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/" }, { "reference_url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected" }, { "reference_url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ" }, { "reference_url": "https://security.gentoo.org/glsa/202311-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231016-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20231016-0001" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231016-0001/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231016-0001/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0007" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0007" }, { "reference_url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14" }, { "reference_url": "https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12" }, { "reference_url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94" }, { "reference_url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81" }, { "reference_url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records" }, { "reference_url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487" }, { "reference_url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487" }, { "reference_url": "https://www.cve.org/CVERecord?id=CVE-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487" }, { "reference_url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5521", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5521" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5522", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5522" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5540", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5540" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5549", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5549" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5558", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5558" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5570", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5570" }, { "reference_url": "https://www.eclipse.org/lists/jetty-announce/msg00181.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.eclipse.org/lists/jetty-announce/msg00181.html" }, { "reference_url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487" }, { "reference_url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487" }, { "reference_url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/" }, { "reference_url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products" }, { "reference_url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/10/10/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6" }, { "reference_url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack" }, { "reference_url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday" }, { "reference_url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/" }, { "reference_url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/10/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/10/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/10/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/10/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/13/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/13/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/18/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/18/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/19/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/20/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769", "reference_id": "1053769", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770", "reference_id": "1053770", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801", "reference_id": "1053801", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232", "reference_id": "1054232", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234", "reference_id": "1054234", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156", "reference_id": "1056156", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421", "reference_id": "1074421", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/", "reference_id": "2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/", "reference_id": "3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/", "reference_id": "BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/", "reference_id": "CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://access.redhat.com/security/cve/cve-2023-44487" }, { "reference_url": "https://blog.vespa.ai/cve-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://blog.vespa.ai/cve-2023-44487" }, { "reference_url": "https://blog.vespa.ai/cve-2023-44487/", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://blog.vespa.ai/cve-2023-44487/" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "Important", "scoring_system": "apache_tomcat", "scoring_elements": "" } ], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487" }, { "reference_url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487" }, { "reference_url": "https://github.com/bcdannyboy/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/bcdannyboy/CVE-2023-44487" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py", "reference_id": "CVE-2023-44487", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py" }, { "reference_url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487" }, { "reference_url": "https://security.paloaltonetworks.com/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://security.paloaltonetworks.com/CVE-2023-44487" }, { "reference_url": "https://ubuntu.com/security/CVE-2023-44487", "reference_id": "CVE-2023-44487", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://ubuntu.com/security/CVE-2023-44487" }, { "reference_url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack", "reference_id": "CVE-2023-44487-HTTP-2-RAPID-RESET-ATTACK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/", "reference_id": "E72T67UPDRXHIDLO3OROR25YAMN4GGW5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/", "reference_id": "FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/" }, { "reference_url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf", "reference_id": "GHSA-2m7v-gc89-fjqf", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf" }, { "reference_url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3", "reference_id": "GHSA-qppj-fm5r-hxr3", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3" }, { "reference_url": "https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3", "reference_id": "GHSA-qppj-fm5r-hxr3", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3" }, { "reference_url": "https://github.com/advisories/GHSA-vx74-f528-fxqg", "reference_id": "GHSA-vx74-f528-fxqg", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/advisories/GHSA-vx74-f528-fxqg" }, { "reference_url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p", "reference_id": "GHSA-xpw8-rcwv-8f8p", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p" }, { "reference_url": "https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p", "reference_id": "GHSA-xpw8-rcwv-8f8p", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p" }, { "reference_url": "https://security.gentoo.org/glsa/202408-10", "reference_id": "GLSA-202408-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-10" }, { "reference_url": "https://security.gentoo.org/glsa/202412-14", "reference_id": "GLSA-202412-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-14" }, { "reference_url": "https://security.gentoo.org/glsa/202505-11", "reference_id": "GLSA-202505-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-11" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/", "reference_id": "HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/", "reference_id": "KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/", "reference_id": "LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/", "reference_id": "LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0007/", "reference_id": "ntap-20240426-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0007/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0007/", "reference_id": "ntap-20240621-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5006", "reference_id": "RHSA-2023:5006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5009", "reference_id": "RHSA-2023:5009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5530", "reference_id": "RHSA-2023:5530", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5530" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5541", "reference_id": "RHSA-2023:5541", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5541" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5542", "reference_id": "RHSA-2023:5542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5679", "reference_id": "RHSA-2023:5679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5705", "reference_id": "RHSA-2023:5705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5706", "reference_id": "RHSA-2023:5706", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5706" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5707", "reference_id": "RHSA-2023:5707", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5707" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5708", "reference_id": "RHSA-2023:5708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5709", "reference_id": "RHSA-2023:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5710", "reference_id": "RHSA-2023:5710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5711", "reference_id": "RHSA-2023:5711", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5711" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5712", "reference_id": "RHSA-2023:5712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5713", "reference_id": "RHSA-2023:5713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5714", "reference_id": "RHSA-2023:5714", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5715", "reference_id": "RHSA-2023:5715", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5715" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5716", "reference_id": "RHSA-2023:5716", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5716" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5717", "reference_id": "RHSA-2023:5717", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5717" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5719", "reference_id": "RHSA-2023:5719", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5719" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5720", "reference_id": "RHSA-2023:5720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5721", "reference_id": "RHSA-2023:5721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5724", "reference_id": "RHSA-2023:5724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5738", "reference_id": "RHSA-2023:5738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5749", "reference_id": "RHSA-2023:5749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5764", "reference_id": "RHSA-2023:5764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5764" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5765", "reference_id": "RHSA-2023:5765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5766", "reference_id": "RHSA-2023:5766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5767", "reference_id": "RHSA-2023:5767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5767" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5768", "reference_id": "RHSA-2023:5768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5769", "reference_id": "RHSA-2023:5769", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5770", "reference_id": "RHSA-2023:5770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5780", "reference_id": "RHSA-2023:5780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5783", "reference_id": "RHSA-2023:5783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5784", "reference_id": "RHSA-2023:5784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5801", "reference_id": "RHSA-2023:5801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5802", "reference_id": "RHSA-2023:5802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5803", "reference_id": "RHSA-2023:5803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5805", "reference_id": "RHSA-2023:5805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5835", "reference_id": "RHSA-2023:5835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5837", "reference_id": "RHSA-2023:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5838", "reference_id": "RHSA-2023:5838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5840", "reference_id": "RHSA-2023:5840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5841", "reference_id": "RHSA-2023:5841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5849", "reference_id": "RHSA-2023:5849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5850", "reference_id": "RHSA-2023:5850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5851", "reference_id": "RHSA-2023:5851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5863", "reference_id": "RHSA-2023:5863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5864", "reference_id": "RHSA-2023:5864", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5865", "reference_id": "RHSA-2023:5865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5866", "reference_id": "RHSA-2023:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5867", "reference_id": "RHSA-2023:5867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5869", "reference_id": "RHSA-2023:5869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5896", "reference_id": "RHSA-2023:5896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5902", "reference_id": "RHSA-2023:5902", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5920", "reference_id": "RHSA-2023:5920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5922", "reference_id": "RHSA-2023:5922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5924", "reference_id": "RHSA-2023:5924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5928", "reference_id": "RHSA-2023:5928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5929", "reference_id": "RHSA-2023:5929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5930", "reference_id": "RHSA-2023:5930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5931", "reference_id": "RHSA-2023:5931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5933", "reference_id": "RHSA-2023:5933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5935", "reference_id": "RHSA-2023:5935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5945", "reference_id": "RHSA-2023:5945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5946", "reference_id": "RHSA-2023:5946", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5946" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5947", "reference_id": "RHSA-2023:5947", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5947" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5956", "reference_id": "RHSA-2023:5956", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5956" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5964", "reference_id": "RHSA-2023:5964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5965", "reference_id": "RHSA-2023:5965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5967", "reference_id": "RHSA-2023:5967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5969", "reference_id": "RHSA-2023:5969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5970", "reference_id": "RHSA-2023:5970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5970" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5971", "reference_id": "RHSA-2023:5971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5973", "reference_id": "RHSA-2023:5973", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5973" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5974", "reference_id": "RHSA-2023:5974", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5974" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5976", "reference_id": "RHSA-2023:5976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5978", "reference_id": "RHSA-2023:5978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5979", "reference_id": "RHSA-2023:5979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5980", "reference_id": "RHSA-2023:5980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5982", "reference_id": "RHSA-2023:5982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5989", "reference_id": "RHSA-2023:5989", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5989" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6020", "reference_id": "RHSA-2023:6020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6021", "reference_id": "RHSA-2023:6021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6022", "reference_id": "RHSA-2023:6022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6023", "reference_id": "RHSA-2023:6023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6030", "reference_id": "RHSA-2023:6030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6031", "reference_id": "RHSA-2023:6031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6039", "reference_id": "RHSA-2023:6039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6039" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6040", "reference_id": "RHSA-2023:6040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6041", "reference_id": "RHSA-2023:6041", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6042", "reference_id": "RHSA-2023:6042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6048", "reference_id": "RHSA-2023:6048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6057", "reference_id": "RHSA-2023:6057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6059", "reference_id": "RHSA-2023:6059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6061", "reference_id": "RHSA-2023:6061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6077", "reference_id": "RHSA-2023:6077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6079", "reference_id": "RHSA-2023:6079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6080", "reference_id": "RHSA-2023:6080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6084", "reference_id": "RHSA-2023:6084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6084" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6105", "reference_id": "RHSA-2023:6105", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6105" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6106", "reference_id": "RHSA-2023:6106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6114", "reference_id": "RHSA-2023:6114", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6114" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6115", "reference_id": "RHSA-2023:6115", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6117", "reference_id": "RHSA-2023:6117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6118", "reference_id": "RHSA-2023:6118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6120", "reference_id": "RHSA-2023:6120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6129", "reference_id": "RHSA-2023:6129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6137", "reference_id": "RHSA-2023:6137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6144", "reference_id": "RHSA-2023:6144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6154", "reference_id": "RHSA-2023:6154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6161", "reference_id": "RHSA-2023:6161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6165", "reference_id": "RHSA-2023:6165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6179", "reference_id": "RHSA-2023:6179", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6179" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6217", "reference_id": "RHSA-2023:6217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6233", "reference_id": "RHSA-2023:6233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6235", "reference_id": "RHSA-2023:6235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6239", "reference_id": "RHSA-2023:6239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6248", "reference_id": "RHSA-2023:6248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6251", "reference_id": "RHSA-2023:6251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6269", "reference_id": "RHSA-2023:6269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6272", "reference_id": "RHSA-2023:6272", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6272" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6280", "reference_id": "RHSA-2023:6280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6286", "reference_id": "RHSA-2023:6286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6296", "reference_id": "RHSA-2023:6296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6296" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6298", "reference_id": "RHSA-2023:6298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6305", "reference_id": "RHSA-2023:6305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6746", "reference_id": "RHSA-2023:6746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6779", "reference_id": "RHSA-2023:6779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6781", "reference_id": "RHSA-2023:6781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6782", "reference_id": "RHSA-2023:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6783", "reference_id": "RHSA-2023:6783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6784", "reference_id": "RHSA-2023:6784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6785", "reference_id": "RHSA-2023:6785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6786", "reference_id": "RHSA-2023:6786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6787", "reference_id": "RHSA-2023:6787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6788", "reference_id": "RHSA-2023:6788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6817", "reference_id": "RHSA-2023:6817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6818", "reference_id": "RHSA-2023:6818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6832", "reference_id": "RHSA-2023:6832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6836", "reference_id": "RHSA-2023:6836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6837", "reference_id": "RHSA-2023:6837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6839", "reference_id": "RHSA-2023:6839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6840", "reference_id": "RHSA-2023:6840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7198", "reference_id": "RHSA-2023:7198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7205", "reference_id": "RHSA-2023:7205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7215", "reference_id": "RHSA-2023:7215", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7215" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7218", "reference_id": "RHSA-2023:7218", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7218" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7288", "reference_id": "RHSA-2023:7288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7315", "reference_id": "RHSA-2023:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7325", "reference_id": "RHSA-2023:7325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7334", "reference_id": "RHSA-2023:7334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7335", "reference_id": "RHSA-2023:7335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7344", "reference_id": "RHSA-2023:7344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7345", "reference_id": "RHSA-2023:7345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7481", "reference_id": "RHSA-2023:7481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7482", "reference_id": "RHSA-2023:7482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7483", "reference_id": "RHSA-2023:7483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7484", "reference_id": "RHSA-2023:7484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7486", "reference_id": "RHSA-2023:7486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7488", "reference_id": "RHSA-2023:7488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7521", "reference_id": "RHSA-2023:7521", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7522", "reference_id": "RHSA-2023:7522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7555", "reference_id": "RHSA-2023:7555", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7555" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7587", "reference_id": "RHSA-2023:7587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7610", "reference_id": "RHSA-2023:7610", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7610" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7682", "reference_id": "RHSA-2023:7682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7687", "reference_id": "RHSA-2023:7687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7699", "reference_id": "RHSA-2023:7699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7703", "reference_id": "RHSA-2023:7703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7704", "reference_id": "RHSA-2023:7704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7741", "reference_id": "RHSA-2023:7741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0269", "reference_id": "RHSA-2024:0269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0302", "reference_id": "RHSA-2024:0302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0777", "reference_id": "RHSA-2024:0777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1444", "reference_id": "RHSA-2024:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1770", "reference_id": "RHSA-2024:1770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2633", "reference_id": "RHSA-2024:2633", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4631", "reference_id": "RHSA-2024:4631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16668", "reference_id": "RHSA-2025:16668", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16668" }, { "reference_url": "https://usn.ubuntu.com/6427-1/", "reference_id": "USN-6427-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6427-1/" }, { "reference_url": "https://usn.ubuntu.com/6427-2/", "reference_id": "USN-6427-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6427-2/" }, { "reference_url": "https://usn.ubuntu.com/6438-1/", "reference_id": "USN-6438-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6438-1/" }, { "reference_url": "https://usn.ubuntu.com/6505-1/", "reference_id": "USN-6505-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6505-1/" }, { "reference_url": "https://usn.ubuntu.com/6574-1/", "reference_id": "USN-6574-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6574-1/" }, { "reference_url": "https://usn.ubuntu.com/6754-1/", "reference_id": "USN-6754-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6754-1/" }, { "reference_url": "https://usn.ubuntu.com/6994-1/", "reference_id": "USN-6994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6994-1/" }, { "reference_url": "https://usn.ubuntu.com/7067-1/", "reference_id": "USN-7067-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7067-1/" }, { "reference_url": "https://usn.ubuntu.com/7410-1/", "reference_id": "USN-7410-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7410-1/" }, { "reference_url": "https://usn.ubuntu.com/7469-1/", "reference_id": "USN-7469-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7469-1/" }, { "reference_url": "https://usn.ubuntu.com/7469-2/", "reference_id": "USN-7469-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7469-2/" }, { "reference_url": "https://usn.ubuntu.com/7469-3/", "reference_id": "USN-7469-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7469-3/" }, { "reference_url": "https://usn.ubuntu.com/7469-4/", "reference_id": "USN-7469-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7469-4/" }, { "reference_url": "https://usn.ubuntu.com/7892-1/", "reference_id": "USN-7892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7892-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", "reference_id": "VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/", "reference_id": "VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/", "reference_id": "WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/", "reference_id": "WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/", "reference_id": "X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/", "reference_id": "XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/", "reference_id": "ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/", "reference_id": "ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941502?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.9%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.9%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941506?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.3%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941501?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-44487", "GHSA-2m7v-gc89-fjqf", "GHSA-qppj-fm5r-hxr3", "GHSA-vx74-f528-fxqg", "GHSA-xpw8-rcwv-8f8p", "GMS-2023-3377", "VSV00013" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5781-s1ny-q7ey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69013?format=api", "vulnerability_id": "VCID-5e1r-3jec-tkhp", "summary": "trafficserver: Traffic Server ESI Inclusion Depth Vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49763.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49763.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69415", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69399", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70156", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70094", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.7014", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.7018", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70165", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70153", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0212", "scoring_system": "epss", "scoring_elements": "0.8416", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03368", "scoring_system": "epss", "scoring_elements": "0.8738", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03368", "scoring_system": "epss", "scoring_elements": "0.87375", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49763" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108044", "reference_id": "1108044", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108044" }, { "reference_url": "https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8", "reference_id": "15t32nxbypqg1m2smp640vjx89o6v5f8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-20T13:56:03Z/" } ], "url": "https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373845", "reference_id": "2373845", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373845" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" } ], "aliases": [ "CVE-2025-49763" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5e1r-3jec-tkhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/259037?format=api", "vulnerability_id": "VCID-61q8-wyrp-rycg", "summary": "Improper Input Validation vulnerability in accepting socket connections in Apache Traffic Server allows an attacker to make the server stop accepting new connections. This issue affects Apache Traffic Server 5.0.0 to 9.1.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77311", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77317", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77346", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77326", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77357", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77393", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77372", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77369", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77408", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.774", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41585" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941471?format=api", "purl": "pkg:deb/debian/trafficserver@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-41585" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-61q8-wyrp-rycg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87394?format=api", "vulnerability_id": "VCID-6bwv-cd3d-mudb", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80517", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80514", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80433", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80439", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.8046", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80449", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80478", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80488", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80506", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80492", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80484", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01409", "scoring_system": "epss", "scoring_elements": "0.80513", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481" }, { "reference_url": "https://lists.apache.org/thread.html/r99d18d0bc4daa05e7d0e5a63e0e22701a421b2ef5a8f4f7694c43869%40%3Cannounce.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r99d18d0bc4daa05e7d0e5a63e0e22701a421b2ef5a8f4f7694c43869%40%3Cannounce.trafficserver.apache.org%3E" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4672" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17559", "reference_id": "CVE-2019-17559", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17559" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941485?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.6%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.6%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2019-17559" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6bwv-cd3d-mudb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95231?format=api", "vulnerability_id": "VCID-73aa-rk27-tye1", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63882", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63855", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69892", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69828", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69876", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00615", "scoring_system": "epss", "scoring_elements": "0.69914", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03006", "scoring_system": "epss", "scoring_elements": "0.86581", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03006", "scoring_system": "epss", "scoring_elements": "0.86592", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03006", "scoring_system": "epss", "scoring_elements": "0.86588", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03006", "scoring_system": "epss", "scoring_elements": "0.86594", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03006", "scoring_system": "epss", "scoring_elements": "0.86599", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392" }, { "reference_url": "https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02", "reference_id": "mrj2lg4s0hf027rk7gz8t7hbn9xpfg02", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:20:03Z/" } ], "url": "https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941497?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.6%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.6%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941496?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.4%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-37392" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73aa-rk27-tye1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95110?format=api", "vulnerability_id": "VCID-7nhc-5p2x-t3cj", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-25763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.6313", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63109", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63143", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63106", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63142", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63149", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63064", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63093", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63057", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-25763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/", "reference_id": "CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:58:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CJ67IWD5PRJUOIYIDJRUG3UMS2UF4X4J/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5206", "reference_id": "dsa-5206", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:58:52Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5206" }, { "reference_url": "https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21", "reference_id": "rc64lwbdgrkv674koc3zl1sljr9vwg21", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:58:52Z/" } ], "url": "https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/", "reference_id": "ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:58:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZCSBQBYPOZSWS5LCOAQ6LJLRLXFIAW5A/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941493?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941492?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-25763" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7nhc-5p2x-t3cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93810?format=api", "vulnerability_id": "VCID-8aev-nmwa-fkcg", "summary": "A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. This affects version 6.2.2. To resolve this issue users running 6.2.2 should upgrade to 6.2.3 or later versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.90763", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.90769", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.9078", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.90791", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.90802", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.90808", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.90817", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.90815", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.90834", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.90832", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06136", "scoring_system": "epss", "scoring_elements": "0.90831", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8022" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941480?format=api", "purl": "pkg:deb/debian/trafficserver@7.0.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.0.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2018-8022" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8aev-nmwa-fkcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/260381?format=api", "vulnerability_id": "VCID-8ta5-mh5e-cfft", "summary": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. This issue affects Apache Traffic Server 9.1.0.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43082", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78009", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78017", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78046", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78028", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78054", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78059", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78085", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78067", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78064", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.781", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78099", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01102", "scoring_system": "epss", "scoring_elements": "0.78092", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-43082" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941471?format=api", "purl": "pkg:deb/debian/trafficserver@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941490?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.1%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.1%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-43082" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ta5-mh5e-cfft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90968?format=api", "vulnerability_id": "VCID-931v-ukcc-6qaa", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44040", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87067", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87078", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87096", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87089", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.8711", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87117", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.8713", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87125", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.8712", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87136", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.8714", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941491?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941495?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.2%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.2%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-44040" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-931v-ukcc-6qaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92717?format=api", "vulnerability_id": "VCID-9pd6-v7d1-9qem", "summary": "The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function.", "references": [ { "reference_url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR37mWzDmXDqRQwRUXiojBZrhidndnsY1ZgmcZv-o7-a+g%40mail.gmail.com%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR37mWzDmXDqRQwRUXiojBZrhidndnsY1ZgmcZv-o7-a+g%40mail.gmail.com%3E" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3249", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.88788", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.8879", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.88723", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.88732", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.88748", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.8875", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.88767", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.88772", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.88784", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.88778", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.88779", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04233", "scoring_system": "epss", "scoring_elements": "0.88792", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3249" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3249", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3249" }, { "reference_url": "https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing", "reference_id": "", "reference_type": "", "scores": [], "url": "https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing" }, { "reference_url": "http://www.securityfocus.com/bid/101631", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101631" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:5.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3249", "reference_id": "CVE-2015-3249", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3249" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941478?format=api", "purl": "pkg:deb/debian/trafficserver@5.3.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@5.3.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2015-3249" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9pd6-v7d1-9qem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92604?format=api", "vulnerability_id": "VCID-9rs4-uvph-3yh7", "summary": "Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT.", "references": [ { "reference_url": "http://mail-archives.apache.org/mod_mbox/www-announce/201411.mbox/%3C20141101231749.2E3561043F%40minotaur.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201411.mbox/%3C20141101231749.2E3561043F%40minotaur.apache.org%3E" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59893", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59907", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59744", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59818", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59841", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59811", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59862", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59876", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59897", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59881", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59863", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59901", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3624" }, { "reference_url": "https://issues.apache.org/jira/browse/TS-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.apache.org/jira/browse/TS-2677" }, { "reference_url": "http://www.securityfocus.com/bid/101630", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101630" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:5.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3624", "reference_id": "CVE-2014-3624", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3624" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941477?format=api", "purl": "pkg:deb/debian/trafficserver@5.0.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@5.0.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2014-3624" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9rs4-uvph-3yh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82269?format=api", "vulnerability_id": "VCID-aqt5-2ffy-9bgs", "summary": "HTTP/2: flood using SETTINGS frames results in unbounded memory growth", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9515.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9515.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09046", "scoring_system": "epss", "scoring_elements": "0.92655", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.09046", "scoring_system": "epss", "scoring_elements": "0.92639", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09046", "scoring_system": "epss", "scoring_elements": "0.9264", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09046", "scoring_system": "epss", "scoring_elements": "0.92652", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09046", "scoring_system": "epss", "scoring_elements": "0.92618", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09046", "scoring_system": "epss", "scoring_elements": "0.92629", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09046", "scoring_system": "epss", "scoring_elements": "0.92635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10394", "scoring_system": "epss", "scoring_elements": "0.93194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10394", "scoring_system": "epss", "scoring_elements": "0.93185", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735745", "reference_id": "1735745", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735745" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886", "reference_id": "934886", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887", "reference_id": "934887", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0922", "reference_id": "RHSA-2020:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0983", "reference_id": "RHSA-2020:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1445", "reference_id": "RHSA-2020:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2067", "reference_id": "RHSA-2020:2067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2565", "reference_id": "RHSA-2020:2565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3196", "reference_id": "RHSA-2020:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3197", "reference_id": "RHSA-2020:3197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5856", "reference_id": "RHSA-2024:5856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5856" }, { "reference_url": "https://usn.ubuntu.com/USN-4866-1/", "reference_id": "USN-USN-4866-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4866-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941484?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.5%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.5%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2019-9515" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aqt5-2ffy-9bgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93498?format=api", "vulnerability_id": "VCID-au6q-ek7r-8bgr", "summary": "sslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn't strip the headers from the request in some scenarios. This problem was discovered in versions 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, and 8.0.0 to 8.0.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11783", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78297", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78301", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78216", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78224", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78256", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78237", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78264", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.7827", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78295", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78278", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78273", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01124", "scoring_system": "epss", "scoring_elements": "0.78304", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11783" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11783", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11783" }, { "reference_url": "https://lists.apache.org/thread.html/4f102f943935476732fb1fb653d687c7b69d29d9792f0d6cf72c505e%40%3Cannounce.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/4f102f943935476732fb1fb653d687c7b69d29d9792f0d6cf72c505e%40%3Cannounce.trafficserver.apache.org%3E" }, { "reference_url": "http://www.securityfocus.com/bid/107032", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107032" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11783", "reference_id": "CVE-2018-11783", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11783" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941482?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.2%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.2%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2018-11783" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-au6q-ek7r-8bgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95167?format=api", "vulnerability_id": "VCID-b7zx-ywwc-57d9", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40448", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40474", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68025", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68076", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.6809", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68115", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02716", "scoring_system": "epss", "scoring_elements": "0.8593", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02716", "scoring_system": "epss", "scoring_elements": "0.85925", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02716", "scoring_system": "epss", "scoring_elements": "0.85944", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02716", "scoring_system": "epss", "scoring_elements": "0.85947", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02716", "scoring_system": "epss", "scoring_elements": "0.85938", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941493?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941492?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-31778" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b7zx-ywwc-57d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95125?format=api", "vulnerability_id": "VCID-bb5y-kjej-bbfm", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02871", "scoring_system": "epss", "scoring_elements": "0.86284", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04574", "scoring_system": "epss", "scoring_elements": "0.89184", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04574", "scoring_system": "epss", "scoring_elements": "0.89187", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04574", "scoring_system": "epss", "scoring_elements": "0.89205", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04574", "scoring_system": "epss", "scoring_elements": "0.89209", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04574", "scoring_system": "epss", "scoring_elements": "0.8917", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04574", "scoring_system": "epss", "scoring_elements": "0.89215", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04574", "scoring_system": "epss", "scoring_elements": "0.89213", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04574", "scoring_system": "epss", "scoring_elements": "0.89225", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04574", "scoring_system": "epss", "scoring_elements": "0.89219", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941493?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941492?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-28129" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bb5y-kjej-bbfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95322?format=api", "vulnerability_id": "VCID-bdgg-edbf-xfav", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-47184", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46436", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46405", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46461", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46484", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46465", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46522", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46519", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46464", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-47184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248", "reference_id": "1038248", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/", "reference_id": "6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:43:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5435", "reference_id": "dsa-5435", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:43:40Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5435" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/", "reference_id": "FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:43:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html", "reference_id": "msg00037.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:43:40Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html" }, { "reference_url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs", "reference_id": "tns2b4khyyncgs5v5p9y35pobg9z2bvs", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:43:40Z/" } ], "url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941499?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.7%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.7%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941498?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.0%2Bds-2%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.0%252Bds-2%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941500?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.1%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.1%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-47184" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bdgg-edbf-xfav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86114?format=api", "vulnerability_id": "VCID-btm9-vxvc-3qhv", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10079", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.8984", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.89846", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.8979", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.89793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.89807", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.89811", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.89828", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.89835", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.89841", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.89839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05102", "scoring_system": "epss", "scoring_elements": "0.89832", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10079" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518" }, { "reference_url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04%40%3Cusers.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04%40%3Cusers.trafficserver.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19%40%3Cannounce.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19%40%3Cannounce.trafficserver.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7%40%3Cdev.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7%40%3Cdev.trafficserver.apache.org%3E" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10079", "reference_id": "CVE-2019-10079", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10079" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941484?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.5%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.5%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2019-10079" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-btm9-vxvc-3qhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/246687?format=api", "vulnerability_id": "VCID-by94-r8f3-z3fs", "summary": "Apache Traffic Server 9.0.0 is vulnerable to a remote DOS attack on the experimental Slicer plugin.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09467", "scoring_system": "epss", "scoring_elements": "0.9279", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09467", "scoring_system": "epss", "scoring_elements": "0.92797", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09467", "scoring_system": "epss", "scoring_elements": "0.92802", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09467", "scoring_system": "epss", "scoring_elements": "0.928", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09467", "scoring_system": "epss", "scoring_elements": "0.92809", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09467", "scoring_system": "epss", "scoring_elements": "0.92813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09467", "scoring_system": "epss", "scoring_elements": "0.92818", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.09467", "scoring_system": "epss", "scoring_elements": "0.92817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09467", "scoring_system": "epss", "scoring_elements": "0.92828", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09467", "scoring_system": "epss", "scoring_elements": "0.92832", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27737" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941471?format=api", "purl": "pkg:deb/debian/trafficserver@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-27737" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-by94-r8f3-z3fs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82270?format=api", "vulnerability_id": "VCID-c5hc-3jtx-k3a6", "summary": "HTTP/2: flood using empty frames results in excessive resource consumption", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9518.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9518.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9518", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03645", "scoring_system": "epss", "scoring_elements": "0.8787", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03645", "scoring_system": "epss", "scoring_elements": "0.8786", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03645", "scoring_system": "epss", "scoring_elements": "0.87874", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03645", "scoring_system": "epss", "scoring_elements": "0.87873", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03645", "scoring_system": "epss", "scoring_elements": "0.87825", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03645", "scoring_system": "epss", "scoring_elements": "0.87829", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03645", "scoring_system": "epss", "scoring_elements": "0.8785", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03645", "scoring_system": "epss", "scoring_elements": "0.87857", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03645", "scoring_system": "epss", "scoring_elements": "0.87868", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03645", "scoring_system": "epss", "scoring_elements": "0.87862", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89316", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04696", "scoring_system": "epss", "scoring_elements": "0.89311", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735749", "reference_id": "1735749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735749" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935314", "reference_id": "935314", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935314" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0922", "reference_id": "RHSA-2020:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0983", "reference_id": "RHSA-2020:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1445", "reference_id": "RHSA-2020:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3196", "reference_id": "RHSA-2020:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3197", "reference_id": "RHSA-2020:3197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3197" }, { "reference_url": "https://usn.ubuntu.com/USN-4866-1/", "reference_id": "USN-USN-4866-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4866-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941484?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.5%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.5%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2019-9518" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c5hc-3jtx-k3a6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96246?format=api", "vulnerability_id": "VCID-c62p-6ghw-j3dv", "summary": "Valid Host header field can cause Apache Traffic Server to crash on some platforms. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-50305", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54837", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54816", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54854", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54804", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54827", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54796", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54847", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54856", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54838", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-50305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50305" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531", "reference_id": "1087531", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531" }, { "reference_url": "https://usn.ubuntu.com/8050-1/", "reference_id": "USN-8050-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8050-1/" }, { "reference_url": "https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y", "reference_id": "y15fh6c7kyqvzm0f9odw7c5jh4r4np0y", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:12:16Z/" } ], "url": "https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941509?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" } ], "aliases": [ "CVE-2024-50305" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c62p-6ghw-j3dv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90949?format=api", "vulnerability_id": "VCID-c675-5njd-63hk", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27577", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78899", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78905", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78934", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78917", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78942", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78972", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78957", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78947", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78975", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01205", "scoring_system": "epss", "scoring_elements": "0.78971", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27577" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303", "reference_id": "990303", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941489?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-27577" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c675-5njd-63hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90969?format=api", "vulnerability_id": "VCID-cbe5-hhz8-bqbn", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44759", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83612", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83625", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83639", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83641", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83665", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83672", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83689", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83682", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83678", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83713", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02005", "scoring_system": "epss", "scoring_elements": "0.83714", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941491?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941494?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.0%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.0%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-44759" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbe5-hhz8-bqbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90951?format=api", "vulnerability_id": "VCID-cscf-sb71-jybq", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92013", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92019", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92027", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92032", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92044", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92047", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92051", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92048", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92066", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92063", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92061", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303", "reference_id": "990303", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941489?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-32566" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cscf-sb71-jybq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96270?format=api", "vulnerability_id": "VCID-eay7-63um-43e9", "summary": "Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.9, from 10.0.0 through 10.0.4. Users are recommended to upgrade to version 9.2.10 or 10.0.5, which fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-53868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.8271", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.82706", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.82707", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.82618", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.82632", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.82628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.82654", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.82662", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.82679", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.82673", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01774", "scoring_system": "epss", "scoring_elements": "0.82669", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-53868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53868" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101996", "reference_id": "1101996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101996" }, { "reference_url": "https://lists.apache.org/thread/rwyx91rsrnmpjbm04footfjjf6m9d1c9", "reference_id": "rwyx91rsrnmpjbm04footfjjf6m9d1c9", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-18T14:37:32Z/" } ], "url": "https://lists.apache.org/thread/rwyx91rsrnmpjbm04footfjjf6m9d1c9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" } ], "aliases": [ "CVE-2024-53868" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eay7-63um-43e9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96104?format=api", "vulnerability_id": "VCID-esap-nkps-cfg9", "summary": "Invalid Accept-Encoding header can cause Apache Traffic Server to fail cache lookup and force forwarding requests. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-35296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31401", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31453", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31432", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31553", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31595", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31411", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31464", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31494", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31499", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31457", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31419", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-35296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35296" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141", "reference_id": "1077141", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141" }, { "reference_url": "https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0", "reference_id": "c4mcmpblgl8kkmyt56t23543gp8v56m0", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T14:01:18Z/" } ], "url": "https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941505?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941504?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-35296" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-esap-nkps-cfg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87397?format=api", "vulnerability_id": "VCID-fmwc-nmhh-ryaf", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.89916", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.8992", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.89932", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.89938", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.89955", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.8996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.89968", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.89966", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.89974", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.89975", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05231", "scoring_system": "epss", "scoring_elements": "0.89971", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941487?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.7%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.7%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2020-9481" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fmwc-nmhh-ryaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90965?format=api", "vulnerability_id": "VCID-fq5y-b9yq-nbee", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37148", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.76995", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77001", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.7703", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77011", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77043", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77053", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77082", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77061", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77056", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77097", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77099", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.7709", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37148" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941491?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941490?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.1%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.1%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-37148" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fq5y-b9yq-nbee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/279895?format=api", "vulnerability_id": "VCID-fvbh-59fu-cfb6", "summary": "Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.92233", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.92231", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.92193", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.92199", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.92202", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.92213", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.92217", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.92222", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.92223", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.9222", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08233", "scoring_system": "epss", "scoring_elements": "0.92232", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40743" }, { "reference_url": "https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02", "reference_id": "mrj2lg4s0hf027rk7gz8t7hbn9xpfg02", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:19:23Z/" } ], "url": "https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941471?format=api", "purl": "pkg:deb/debian/trafficserver@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941496?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.4%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.4%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-40743" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fvbh-59fu-cfb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210266?format=api", "vulnerability_id": "VCID-gqeq-hqf6-abh9", "summary": "Improper Access Control vulnerability in Apache Traffic Server.\n\nThis issue affects Apache Traffic Server: from 10.0.0 through 10.0.3.\n\nUsers are recommended to upgrade to version 10.0.4, which fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56196", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22568", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22573", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22932", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34092", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45848", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45868", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45846", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4582", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45841", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45792", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56196" }, { "reference_url": "https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023", "reference_id": "btofzws2yqskk2n7f01r3l1819x01023", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:37:33Z/" } ], "url": "https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941471?format=api", "purl": "pkg:deb/debian/trafficserver@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-56196" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gqeq-hqf6-abh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266528?format=api", "vulnerability_id": "VCID-has1-mf68-q3am", "summary": "Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames.This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2.\n\nUsers are recommended to upgrade to version 9.2.3, which fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.91664", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.9167", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.91679", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.91691", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.91698", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.91702", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.91704", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.917", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.91721", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.91714", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07335", "scoring_system": "epss", "scoring_elements": "0.91715", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39456" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054427", "reference_id": "1054427", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054427" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", "reference_id": "VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:44:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941471?format=api", "purl": "pkg:deb/debian/trafficserver@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941506?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.3%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941501?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-39456" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-has1-mf68-q3am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54711?format=api", "vulnerability_id": "VCID-hbte-dsw2-y7ad", "summary": "golang.org/x/net/http vulnerable to ping floods\nSome HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.\n\n### Specific Go Packages Affected\ngolang.org/x/net/http2", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2594", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2661", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2682", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2690", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2726", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2766", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2769", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2796", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2861", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2925", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2925" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2939", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2955", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2966", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2966" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3131", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3245", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3265", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3892", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3906", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4018", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4019", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4020", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4021", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4040", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4041", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4042", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4045", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4269", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4273", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4273" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4352", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0406", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0727", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9512.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9512.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9512", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.97869", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.97866", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.97864", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.97858", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.97876", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.97873", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.97881", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.97888", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.9789", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.97879", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.51232", "scoring_system": "epss", "scoring_elements": "0.9788", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/Aug/16", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/Aug/16" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "reference_url": "https://go.dev/cl/190137", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/190137" }, { "reference_url": "https://go.dev/issue/33606", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/issue/33606" }, { "reference_url": "https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ" }, { "reference_url": "https://kb.cert.org/vuls/id/605641", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kb.cert.org/vuls/id/605641" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10296", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10296" }, { "reference_url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0536", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0536" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/24", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/Aug/24" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/31", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/Aug/31" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/43", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/Aug/43" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/18", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/Sep/18" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190823-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190823-0001" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190823-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190823-0004" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190823-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190823-0005" }, { "reference_url": "https://support.f5.com/csp/article/K98053339", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.f5.com/csp/article/K98053339" }, { "reference_url": "https://support.f5.com/csp/article/K98053339?utm_source=f5support&utm_medium=RSS", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.f5.com/csp/article/K98053339?utm_source=f5support&utm_medium=RSS" }, { "reference_url": "https://usn.ubuntu.com/4308-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/4308-1" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4503", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4503" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4508", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4508" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4520", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4520" }, { "reference_url": "https://www.synology.com/security/advisory/Synology_SA_19_33", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.synology.com/security/advisory/Synology_SA_19_33" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/08/20/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2019/08/20/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735645", "reference_id": "1735645", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735645" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886", "reference_id": "934886", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887", "reference_id": "934887", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887" }, { "reference_url": "https://security.archlinux.org/ASA-201908-15", "reference_id": "ASA-201908-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-15" }, { "reference_url": "https://security.archlinux.org/AVG-1021", "reference_id": "AVG-1021", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2817", "reference_id": "RHSA-2019:2817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0922", "reference_id": "RHSA-2020:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0983", "reference_id": "RHSA-2020:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1445", "reference_id": "RHSA-2020:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2067", "reference_id": "RHSA-2020:2067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2565", "reference_id": "RHSA-2020:2565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3196", "reference_id": "RHSA-2020:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3197", "reference_id": "RHSA-2020:3197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5856", "reference_id": "RHSA-2024:5856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5856" }, { "reference_url": "https://usn.ubuntu.com/USN-4866-1/", "reference_id": "USN-USN-4866-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4866-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941484?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.5%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.5%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2019-9512", "GHSA-hgr8-6h9x-f7q9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hbte-dsw2-y7ad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90867?format=api", "vulnerability_id": "VCID-j6r7-ypa1-zybv", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-17509", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86623", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86635", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86654", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86653", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86673", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86682", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86696", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86693", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86686", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.867", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86706", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03046", "scoring_system": "epss", "scoring_elements": "0.86699", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-17509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17509" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941486?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2020-17509" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6r7-ypa1-zybv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96247?format=api", "vulnerability_id": "VCID-jabw-thzt-63bb", "summary": "Unchecked return value can allow Apache Traffic Server to retain privileges on startup. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.5, from 10.0.0 through 10.0.1. Users are recommended to upgrade to version 9.2.6 or 10.0.2, which fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-50306", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74422", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74424", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74433", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74372", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74346", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74379", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74394", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74415", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74395", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0082", "scoring_system": "epss", "scoring_elements": "0.74387", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-50306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50306" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531", "reference_id": "1087531", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531" }, { "reference_url": "https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y", "reference_id": "y15fh6c7kyqvzm0f9odw7c5jh4r4np0y", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:07:42Z/" } ], "url": "https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941510?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941509?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" } ], "aliases": [ "CVE-2024-50306" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jabw-thzt-63bb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96103?format=api", "vulnerability_id": "VCID-jb1b-9gr2-suez", "summary": "Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-35161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44089", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56653", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56682", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56681", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56654", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56633", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56684", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56689", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56697", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56672", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56651", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-35161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35161" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141", "reference_id": "1077141", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141" }, { "reference_url": "https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0", "reference_id": "c4mcmpblgl8kkmyt56t23543gp8v56m0", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-31T17:38:35Z/" } ], "url": "https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941505?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941504?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-35161" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jb1b-9gr2-suez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95696?format=api", "vulnerability_id": "VCID-jdjf-3w9k-xbaw", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-41752", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57296", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57272", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57326", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57339", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57319", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57298", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57321", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.573", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-41752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054427", "reference_id": "1054427", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054427" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/", "reference_id": "VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-13T19:48:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941502?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.9%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.9%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941506?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.3%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941501?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-41752" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jdjf-3w9k-xbaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87396?format=api", "vulnerability_id": "VCID-k2ks-3t6e-uqgu", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.79002", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78974", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78928", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78934", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78961", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78945", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.7897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78976", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78999", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78984", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9481" }, { "reference_url": "https://lists.apache.org/thread.html/r99d18d0bc4daa05e7d0e5a63e0e22701a421b2ef5a8f4f7694c43869%40%3Cannounce.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r99d18d0bc4daa05e7d0e5a63e0e22701a421b2ef5a8f4f7694c43869%40%3Cannounce.trafficserver.apache.org%3E" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4672" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1944", "reference_id": "CVE-2020-1944", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1944" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941485?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.6%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.6%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2020-1944" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k2ks-3t6e-uqgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92730?format=api", "vulnerability_id": "VCID-khz4-1uav-cqgg", "summary": "Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206.", "references": [ { "reference_url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201509.mbox/%3CCABF6JR2j5vesvnjbm6sDPB_zAGj3kNgzzHEpLUh6dWG6t8mC2w%40mail.gmail.com%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201509.mbox/%3CCABF6JR2j5vesvnjbm6sDPB_zAGj3kNgzzHEpLUh6dWG6t8mC2w%40mail.gmail.com%3E" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.83207", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.83204", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.831", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.83116", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.8313", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.83128", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.83153", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.8316", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.83176", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.8317", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.83166", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01885", "scoring_system": "epss", "scoring_elements": "0.83203", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5168" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:5.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:5.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5168", "reference_id": "CVE-2015-5168", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5168" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941479?format=api", "purl": "pkg:deb/debian/trafficserver@6.0.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@6.0.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2015-5168" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khz4-1uav-cqgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96313?format=api", "vulnerability_id": "VCID-kjah-am9e-xkev", "summary": "Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56202", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34438", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34478", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34493", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37948", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.546", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54607", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54589", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54595", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54556", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.5458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54549", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56202" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56202", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56202" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691", "reference_id": "1099691", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099691" }, { "reference_url": "https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023", "reference_id": "btofzws2yqskk2n7f01r3l1819x01023", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-06T15:38:08Z/" } ], "url": "https://lists.apache.org/thread/btofzws2yqskk2n7f01r3l1819x01023" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941509?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" } ], "aliases": [ "CVE-2024-56202" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjah-am9e-xkev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92916?format=api", "vulnerability_id": "VCID-m8p8-5n65-qyhy", "summary": "Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82855", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82852", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82749", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82765", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82779", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82776", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82802", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82808", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82824", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82819", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82815", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01806", "scoring_system": "epss", "scoring_elements": "0.82853", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5396" }, { "reference_url": "https://issues.apache.org/jira/browse/TS-5019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.apache.org/jira/browse/TS-5019" }, { "reference_url": "http://www.securityfocus.com/bid/97945", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97945" }, { "reference_url": "http://www.securitytracker.com/id/1038275", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038275" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:6.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:6.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:6.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:6.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:6.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:6.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:6.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:6.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:6.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:6.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:6.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:6.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5396", "reference_id": "CVE-2016-5396", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5396" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941480?format=api", "purl": "pkg:deb/debian/trafficserver@7.0.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.0.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2016-5396" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8p8-5n65-qyhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72347?format=api", "vulnerability_id": "VCID-msu4-5h99-2yaq", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5660", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85502", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85514", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85531", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85536", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85556", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85566", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85581", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85578", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85574", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85596", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85602", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02584", "scoring_system": "epss", "scoring_elements": "0.85598", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5660" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5660", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5660" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7671" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941481?format=api", "purl": "pkg:deb/debian/trafficserver@7.1.2%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.2%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5660" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-msu4-5h99-2yaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55688?format=api", "vulnerability_id": "VCID-n66u-b73u-zucb", "summary": "golang.org/x/net/http vulnerable to a reset flood\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. Servers that accept direct connections from untrusted clients could be remotely made to allocate an unlimited amount of memory, until the program crashes. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.\n\n### Specific Go Packages Affected\ngolang.org/x/net/http2", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2594", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2661", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2682", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2682" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2690", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2726", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2766", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2769", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2796", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2861", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2925", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2925" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2939", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2955", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2966", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2966" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3131", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3131" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3245", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3265", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3892", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3906", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4018", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4019", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4020", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4021", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4040", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4041", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4042", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4045", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4269", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4273", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4273" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4352", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0406", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0727", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0727" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9514.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9514.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9514", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.92841", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.92799", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.92806", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.9281", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.92809", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.92818", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.92822", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.92826", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.92825", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.92836", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09483", "scoring_system": "epss", "scoring_elements": "0.92837", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9514" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518" }, { "reference_url": "http://seclists.org/fulldisclosure/2019/Aug/16", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2019/Aug/16" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" }, { "reference_url": "https://go.dev/cl/190137", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/190137" }, { "reference_url": "https://go.dev/issue/33606", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/issue/33606" }, { "reference_url": "https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ" }, { "reference_url": "https://kb.cert.org/vuls/id/605641", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kb.cert.org/vuls/id/605641" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10296", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10296" }, { "reference_url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0536", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0536" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/24", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/Aug/24" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/31", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/Aug/31" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/43", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/Aug/43" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/18", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/Sep/18" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190823-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190823-0001" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190823-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190823-0004" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190823-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190823-0005" }, { "reference_url": "https://support.f5.com/csp/article/K01988340", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.f5.com/csp/article/K01988340" }, { "reference_url": "https://support.f5.com/csp/article/K01988340?utm_source=f5support&utm_medium=RSS", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.f5.com/csp/article/K01988340?utm_source=f5support&utm_medium=RSS" }, { "reference_url": "https://usn.ubuntu.com/4308-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/4308-1" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4503", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4503" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4508", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4508" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4520", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4520" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4669", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2020/dsa-4669" }, { "reference_url": "https://www.synology.com/security/advisory/Synology_SA_19_33", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.synology.com/security/advisory/Synology_SA_19_33" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/08/20/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2019/08/20/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/18/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062667", "reference_id": "1062667", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062667" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735744", "reference_id": "1735744", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735744" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885", "reference_id": "934885", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886", "reference_id": "934886", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887", "reference_id": "934887", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887" }, { "reference_url": "https://security.archlinux.org/ASA-201908-15", "reference_id": "ASA-201908-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-15" }, { "reference_url": "https://security.archlinux.org/AVG-1021", "reference_id": "AVG-1021", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2817", "reference_id": "RHSA-2019:2817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0922", "reference_id": "RHSA-2020:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0983", "reference_id": "RHSA-2020:0983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1445", "reference_id": "RHSA-2020:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2067", "reference_id": "RHSA-2020:2067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2565", "reference_id": "RHSA-2020:2565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3196", "reference_id": "RHSA-2020:3196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3197", "reference_id": "RHSA-2020:3197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5856", "reference_id": "RHSA-2024:5856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5856" }, { "reference_url": "https://usn.ubuntu.com/USN-4866-1/", "reference_id": "USN-USN-4866-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4866-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941484?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.5%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.5%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2019-9514", "GHSA-39qc-96h7-956f" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n66u-b73u-zucb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72349?format=api", "vulnerability_id": "VCID-nbwy-fdv2-uydt", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88778", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88786", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88802", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88805", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88822", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88827", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88839", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88835", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88834", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88848", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88846", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0427", "scoring_system": "epss", "scoring_elements": "0.88843", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5660", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5660" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7671" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941481?format=api", "purl": "pkg:deb/debian/trafficserver@7.1.2%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.2%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-7671" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nbwy-fdv2-uydt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95169?format=api", "vulnerability_id": "VCID-p5f7-uu6r-8bez", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31780", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04835", "scoring_system": "epss", "scoring_elements": "0.8953", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07584", "scoring_system": "epss", "scoring_elements": "0.91817", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07584", "scoring_system": "epss", "scoring_elements": "0.91825", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07584", "scoring_system": "epss", "scoring_elements": "0.91838", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07584", "scoring_system": "epss", "scoring_elements": "0.91844", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07584", "scoring_system": "epss", "scoring_elements": "0.91812", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07584", "scoring_system": "epss", "scoring_elements": "0.91849", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07584", "scoring_system": "epss", "scoring_elements": "0.91845", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07584", "scoring_system": "epss", "scoring_elements": "0.91865", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07584", "scoring_system": "epss", "scoring_elements": "0.91861", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07584", "scoring_system": "epss", "scoring_elements": "0.91848", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31780" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941493?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941492?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-31780" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p5f7-uu6r-8bez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90866?format=api", "vulnerability_id": "VCID-pxaf-6qxa-77h9", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-17508", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.85704", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.85716", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.85735", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.85741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.8576", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.85771", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.85786", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.85783", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.8578", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.85798", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.85802", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02656", "scoring_system": "epss", "scoring_elements": "0.85795", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-17508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17508", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17508" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17509" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941486?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2020-17508" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pxaf-6qxa-77h9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73729?format=api", "vulnerability_id": "VCID-qwmj-ez4q-7qex", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1318", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94434", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94442", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94454", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94464", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94468", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94471", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94473", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94487", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94491", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.14594", "scoring_system": "epss", "scoring_elements": "0.94495", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941483?format=api", "purl": "pkg:deb/debian/trafficserver@7.1.4%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.4%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2018-1318" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwmj-ez4q-7qex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73731?format=api", "vulnerability_id": "VCID-r86j-zujn-f7ez", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.9119", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.91195", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.91203", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.9121", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.91223", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.9123", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.91237", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.9124", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.91239", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.91264", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.91263", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06689", "scoring_system": "epss", "scoring_elements": "0.91265", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941483?format=api", "purl": "pkg:deb/debian/trafficserver@7.1.4%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.4%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2018-8005" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r86j-zujn-f7ez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96145?format=api", "vulnerability_id": "VCID-rcdg-j23x-xfbn", "summary": "Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.5. Users are recommended to upgrade to version 9.2.6, which fixes the issue, or 10.0.2, which does not have the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38479", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68756", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68767", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68778", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.6868", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.687", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68677", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68728", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68746", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68769", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68755", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00574", "scoring_system": "epss", "scoring_elements": "0.68726", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38479" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531", "reference_id": "1087531", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087531" }, { "reference_url": "https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y", "reference_id": "y15fh6c7kyqvzm0f9odw7c5jh4r4np0y", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:51:08Z/" } ], "url": "https://lists.apache.org/thread/y15fh6c7kyqvzm0f9odw7c5jh4r4np0y" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941510?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941509?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" } ], "aliases": [ "CVE-2024-38479" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rcdg-j23x-xfbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92277?format=api", "vulnerability_id": "VCID-rvs1-czut-e3bg", "summary": "Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemon crash) via a long HTTP Host header.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0256", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83213", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83229", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83244", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83243", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83277", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83292", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83286", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83282", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83318", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83319", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.8332", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0256" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0256", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0256" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941474?format=api", "purl": "pkg:deb/debian/trafficserver@3.0.4-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@3.0.4-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2012-0256" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rvs1-czut-e3bg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95645?format=api", "vulnerability_id": "VCID-rw58-bnwt-2bam", "summary": "Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38522", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.585", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58521", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58458", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58477", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58448", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58501", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58507", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58524", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58504", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58485", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58517", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-38522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38522" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141", "reference_id": "1077141", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077141" }, { "reference_url": "https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0", "reference_id": "c4mcmpblgl8kkmyt56t23543gp8v56m0", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T13:37:29Z/" } ], "url": "https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941505?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.11%2Bds-0%2Bdeb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.11%252Bds-0%252Bdeb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941504?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-38522" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rw58-bnwt-2bam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93223?format=api", "vulnerability_id": "VCID-scpg-5hcj-5yd3", "summary": "Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5659", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.83583", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.83581", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.8348", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.83493", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.83507", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.83508", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.83532", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.83542", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.83556", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.83551", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.83546", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01972", "scoring_system": "epss", "scoring_elements": "0.8358", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5659" }, { "reference_url": "https://issues.apache.org/jira/browse/TS-4819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.apache.org/jira/browse/TS-4819" }, { "reference_url": "http://www.securityfocus.com/bid/97949", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97949" }, { "reference_url": "http://www.securitytracker.com/id/1038275", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038275" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5659", "reference_id": "CVE-2017-5659", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5659" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941480?format=api", "purl": "pkg:deb/debian/trafficserver@7.0.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.0.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2017-5659" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-scpg-5hcj-5yd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95549?format=api", "vulnerability_id": "VCID-skrs-cynm-r7du", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33635", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33602", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33551", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33517", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33473", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34976", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35058", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35022", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35038", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35023", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248", "reference_id": "1038248", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/", "reference_id": "6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5435", "reference_id": "dsa-5435", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5435" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/", "reference_id": "FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html", "reference_id": "msg00037.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00037.html" }, { "reference_url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs", "reference_id": "tns2b4khyyncgs5v5p9y35pobg9z2bvs", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-09T13:54:57Z/" } ], "url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941499?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.7%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.7%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941498?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.0%2Bds-2%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.0%252Bds-2%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941500?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.1%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.1%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-33933" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-skrs-cynm-r7du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90964?format=api", "vulnerability_id": "VCID-t559-a5u6-4ke1", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.70964", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.70973", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.70991", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.70966", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71023", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71045", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.7103", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71013", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71059", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71066", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00656", "scoring_system": "epss", "scoring_elements": "0.71046", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941491?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941490?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.1%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.1%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-37147" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t559-a5u6-4ke1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69012?format=api", "vulnerability_id": "VCID-tevw-8dcp-yfh6", "summary": "trafficserver: Apache Traffic Server PROXY Protocol ACL Bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31698.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31698.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-31698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43155", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44139", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44088", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44141", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44124", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00743", "scoring_system": "epss", "scoring_elements": "0.73056", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73243", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00753", "scoring_system": "epss", "scoring_elements": "0.73237", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-31698" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31698", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31698" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108044", "reference_id": "1108044", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108044" }, { "reference_url": "https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8", "reference_id": "15t32nxbypqg1m2smp640vjx89o6v5f8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-20T13:31:33Z/" } ], "url": "https://lists.apache.org/thread/15t32nxbypqg1m2smp640vjx89o6v5f8" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373846", "reference_id": "2373846", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373846" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" } ], "aliases": [ "CVE-2025-31698" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tevw-8dcp-yfh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92563?format=api", "vulnerability_id": "VCID-u4tn-85je-n7gt", "summary": "Apache Traffic Server before 5.1.2 allows remote attackers to cause a denial of service via unspecified vectors, related to internal buffer sizing.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-10022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85833", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85862", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85866", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85884", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85894", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85909", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85906", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85901", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85919", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85923", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02709", "scoring_system": "epss", "scoring_elements": "0.85914", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-10022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-10022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-10022" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778895", "reference_id": "778895", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778895" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941475?format=api", "purl": "pkg:deb/debian/trafficserver@5.2.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@5.2.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2014-10022" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u4tn-85je-n7gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95323?format=api", "vulnerability_id": "VCID-u5qg-vszr-9ye2", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-47185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58494", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58495", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58502", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58499", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58479", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58511", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58516", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.5845", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58469", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58443", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-47185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043430", "reference_id": "1043430", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043430" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/", "reference_id": "BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:22:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/" }, { "reference_url": "https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc", "reference_id": "jsl6dfdgs1mjjo1mbtyflyjr7xftswhc", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:22:26Z/" } ], "url": "https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html", "reference_id": "msg00042.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:22:26Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941502?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.9%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.9%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941503?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.2%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.2%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941501?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-47185" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u5qg-vszr-9ye2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73730?format=api", "vulnerability_id": "VCID-ue7s-pn8b-vydz", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.85523", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.85535", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.85553", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.85558", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.85578", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.85589", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.85603", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.856", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.85596", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.85618", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.85624", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02594", "scoring_system": "epss", "scoring_elements": "0.8562", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941483?format=api", "purl": "pkg:deb/debian/trafficserver@7.1.4%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.4%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2018-8004" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ue7s-pn8b-vydz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90966?format=api", "vulnerability_id": "VCID-uhqf-tsxe-ayc2", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.76995", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77001", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.7703", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77011", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77043", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77053", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77082", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77061", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77056", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77097", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.77099", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01007", "scoring_system": "epss", "scoring_elements": "0.7709", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941491?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941490?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.1%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.1%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-37149" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uhqf-tsxe-ayc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90953?format=api", "vulnerability_id": "VCID-uhxq-9bzs-u3fd", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09211", "scoring_system": "epss", "scoring_elements": "0.92679", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09211", "scoring_system": "epss", "scoring_elements": "0.92686", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09211", "scoring_system": "epss", "scoring_elements": "0.92693", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09211", "scoring_system": "epss", "scoring_elements": "0.92691", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09211", "scoring_system": "epss", "scoring_elements": "0.92702", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09211", "scoring_system": "epss", "scoring_elements": "0.92706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09211", "scoring_system": "epss", "scoring_elements": "0.92712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09211", "scoring_system": "epss", "scoring_elements": "0.9271", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09211", "scoring_system": "epss", "scoring_elements": "0.92722", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09211", "scoring_system": "epss", "scoring_elements": "0.92727", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303", "reference_id": "990303", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941489?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-35474" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uhxq-9bzs-u3fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92602?format=api", "vulnerability_id": "VCID-uvhz-uspt-7ygz", "summary": "Unspecified vulnerability in Apache Traffic Server 3.x through 3.2.5, 4.x before 4.2.1.1, and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks.", "references": [ { "reference_url": "http://mail-archives.apache.org/mod_mbox/trafficserver-users/201407.mbox/%3CBFCEC9C8-1BE9-4DCA-AF9C-B8FE798EEC07%40yahoo-inc.com%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "http://mail-archives.apache.org/mod_mbox/trafficserver-users/201407.mbox/%3CBFCEC9C8-1BE9-4DCA-AF9C-B8FE798EEC07%40yahoo-inc.com%3E" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3525", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79519", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79437", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79444", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79468", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79455", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79483", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79491", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79513", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79496", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79487", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79517", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79514", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3525" }, { "reference_url": "http://secunia.com/advisories/60375", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60375" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95495" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.0.0:alpha:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.0.0:alpha:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.0.0:alpha:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:2.1.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:2.1.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:3.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:3.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:4.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:4.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:4.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:4.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:4.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:4.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:4.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:4.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:4.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:4.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:4.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:4.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:traffic_server:5.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:5.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3525", "reference_id": "CVE-2014-3525", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3525" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941476?format=api", "purl": "pkg:deb/debian/trafficserver@5.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@5.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2014-3525" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uvhz-uspt-7ygz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95515?format=api", "vulnerability_id": "VCID-uy1m-av2n-jybt", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-30631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.7", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.69977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70025", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0062", "scoring_system": "epss", "scoring_elements": "0.70041", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00662", "scoring_system": "epss", "scoring_elements": "0.71179", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00662", "scoring_system": "epss", "scoring_elements": "0.71165", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00662", "scoring_system": "epss", "scoring_elements": "0.71148", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00662", "scoring_system": "epss", "scoring_elements": "0.71194", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00662", "scoring_system": "epss", "scoring_elements": "0.71201", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-30631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33933" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248", "reference_id": "1038248", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038248" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941499?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.7%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.7%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941498?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.0%2Bds-2%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.0%252Bds-2%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941500?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.1%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.1%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-30631" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uy1m-av2n-jybt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73732?format=api", "vulnerability_id": "VCID-va7d-ktp2-m7et", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8040", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.91948", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.91957", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.91964", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.9197", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.91983", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.91986", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.91989", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.91988", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.91985", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.92004", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.92", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07825", "scoring_system": "epss", "scoring_elements": "0.91997", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8040" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941483?format=api", "purl": "pkg:deb/debian/trafficserver@7.1.4%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@7.1.4%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2018-8040" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-va7d-ktp2-m7et" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90967?format=api", "vulnerability_id": "VCID-w42s-4aps-y3c5", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78586", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78593", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78624", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78605", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.7863", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78637", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78662", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78636", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.78663", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01167", "scoring_system": "epss", "scoring_elements": "0.7866", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37148" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44759" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941491?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1%2Bdeb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%252Bdeb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941494?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.0%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.0%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-38161" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w42s-4aps-y3c5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76985?format=api", "vulnerability_id": "VCID-waer-as81-8fed", "summary": "trafficserver: CONTINUATION frames DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31309.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31309.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31309", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02839", "scoring_system": "epss", "scoring_elements": "0.86139", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02839", "scoring_system": "epss", "scoring_elements": "0.86174", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02839", "scoring_system": "epss", "scoring_elements": "0.86155", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03661", "scoring_system": "epss", "scoring_elements": "0.87892", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03661", "scoring_system": "epss", "scoring_elements": "0.87898", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03661", "scoring_system": "epss", "scoring_elements": "0.87887", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03661", "scoring_system": "epss", "scoring_elements": "0.87905", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03661", "scoring_system": "epss", "scoring_elements": "0.87891", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10847", "scoring_system": "epss", "scoring_elements": "0.934", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.10847", "scoring_system": "epss", "scoring_elements": "0.93394", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31309" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068417", "reference_id": "1068417", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068417" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269627", "reference_id": "2269627", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269627" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/10/7", "reference_id": "7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/10/7" }, { "reference_url": "https://lists.apache.org/thread/f9qh3g3jvy153wh82pz4onrfj1wh13kc", "reference_id": "f9qh3g3jvy153wh82pz4onrfj1wh13kc", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/" } ], "url": "https://lists.apache.org/thread/f9qh3g3jvy153wh82pz4onrfj1wh13kc" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBKLPQ6ECG4PGEPRCYI3Y3OITNDEFCCV/", "reference_id": "PBKLPQ6ECG4PGEPRCYI3Y3OITNDEFCCV", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBKLPQ6ECG4PGEPRCYI3Y3OITNDEFCCV/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV77HYM7ARSTL3B6U3IFG7PHDU65WL4I/", "reference_id": "QV77HYM7ARSTL3B6U3IFG7PHDU65WL4I", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV77HYM7ARSTL3B6U3IFG7PHDU65WL4I/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3XON6RM5ZKCZ6K6NB7BOTAWMJQKXJDO/", "reference_id": "T3XON6RM5ZKCZ6K6NB7BOTAWMJQKXJDO", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T18:21:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3XON6RM5ZKCZ6K6NB7BOTAWMJQKXJDO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941507?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.4%2Bds-0%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.4%252Bds-0%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941508?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.4%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.4%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-31309" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-waer-as81-8fed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/349615?format=api", "vulnerability_id": "VCID-ww3t-p3pq-gkhy", "summary": "A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to set proxy.config.http.request_buffer_enabled to 0 (the default value is 0).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58136", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12268", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.4001", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47341", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47338", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47362", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47336", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47343", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47402", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52693", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52677", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-58136" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58136", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132717", "reference_id": "1132717", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132717" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000497?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid" } ], "aliases": [ "CVE-2025-58136" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ww3t-p3pq-gkhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90952?format=api", "vulnerability_id": "VCID-xh97-4sn5-vyfw", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92013", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92019", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92027", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92032", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92044", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92047", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92051", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92048", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92066", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92063", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07927", "scoring_system": "epss", "scoring_elements": "0.92061", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303", "reference_id": "990303", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941489?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-32567" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xh97-4sn5-vyfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90942?format=api", "vulnerability_id": "VCID-xwdc-hndy-yubc", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.86907", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.86918", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.86937", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.8693", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.8695", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.86957", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.86971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.86966", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.8696", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.86975", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.86979", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03178", "scoring_system": "epss", "scoring_elements": "0.86978", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-9494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9494" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963629", "reference_id": "963629", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963629" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941488?format=api", "purl": "pkg:deb/debian/trafficserver@8.0.8%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.0.8%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2020-9494" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xwdc-hndy-yubc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95168?format=api", "vulnerability_id": "VCID-xwru-y5m9-gucd", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31779", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44013", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44036", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72275", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72314", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72326", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87515", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87512", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87527", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0345", "scoring_system": "epss", "scoring_elements": "0.87529", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-31779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31780" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941493?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.5%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.5%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941492?format=api", "purl": "pkg:deb/debian/trafficserver@9.1.3%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.1.3%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-31779" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xwru-y5m9-gucd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90950?format=api", "vulnerability_id": "VCID-zmh1-wmct-uyf7", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.90351", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.90353", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.90365", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.90369", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.90382", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.90389", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.90397", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.9039", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.90406", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.90405", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05675", "scoring_system": "epss", "scoring_elements": "0.90403", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-32565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27577" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32566" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35474" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303", "reference_id": "990303", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990303" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941489?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.1%2Bds-1.1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.1%252Bds-1.1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941472?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941470?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u3?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/941473?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4738-xk8n-hbac" }, { "vulnerability": "VCID-4hs3-be7k-9qe7" }, { "vulnerability": "VCID-4uhe-mtbx-nfdu" }, { "vulnerability": "VCID-5e1r-3jec-tkhp" }, { "vulnerability": "VCID-c62p-6ghw-j3dv" }, { "vulnerability": "VCID-eay7-63um-43e9" }, { "vulnerability": "VCID-jabw-thzt-63bb" }, { "vulnerability": "VCID-kjah-am9e-xkev" }, { "vulnerability": "VCID-rcdg-j23x-xfbn" }, { "vulnerability": "VCID-tevw-8dcp-yfh6" }, { "vulnerability": "VCID-ww3t-p3pq-gkhy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-32565" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zmh1-wmct-uyf7" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u3%3Fdistro=sid" }