Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/97624?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/97624?format=api", "purl": "pkg:rpm/redhat/redhat-virtualization-host@4.5.3-202211170828_8?arch=6", "type": "rpm", "namespace": "redhat", "name": "redhat-virtualization-host", "version": "4.5.3-202211170828_8", "qualifiers": { "arch": "6" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49239?format=api", "vulnerability_id": "VCID-5yaa-23ds-bbby", "summary": "Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38177.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38177.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78572", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78615", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78603", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78585", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.7861", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78617", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78641", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01164", "scoring_system": "epss", "scoring_elements": "0.78623", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128601", "reference_id": "2128601", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128601" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/09/21/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/", "reference_id": "CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/" }, { "reference_url": "https://kb.isc.org/docs/cve-2022-38177", "reference_id": "cve-2022-38177", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/" } ], "url": "https://kb.isc.org/docs/cve-2022-38177" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5235", "reference_id": "dsa-5235", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5235" }, { "reference_url": "https://security.gentoo.org/glsa/202210-25", "reference_id": "GLSA-202210-25", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/" } ], "url": "https://security.gentoo.org/glsa/202210-25" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/", "reference_id": "MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221228-0010/", "reference_id": "ntap-20221228-0010", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221228-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6763", "reference_id": "RHSA-2022:6763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6764", "reference_id": "RHSA-2022:6764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6764" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6765", "reference_id": "RHSA-2022:6765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6778", "reference_id": "RHSA-2022:6778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6779", "reference_id": "RHSA-2022:6779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6780", "reference_id": "RHSA-2022:6780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6781", "reference_id": "RHSA-2022:6781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8598", "reference_id": "RHSA-2022:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8598" }, { "reference_url": "https://usn.ubuntu.com/5626-1/", "reference_id": "USN-5626-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5626-1/" }, { "reference_url": "https://usn.ubuntu.com/5626-2/", "reference_id": "USN-5626-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5626-2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/", "reference_id": "YZJQNUASODNVAWZV6STKG5SD6XIJ446S", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/" } ], "fixed_packages": [], "aliases": [ "CVE-2022-38177" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5yaa-23ds-bbby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49240?format=api", "vulnerability_id": "VCID-hb26-udtw-6uhy", "summary": "Multiple vulnerabilities have been discovered in ISC BIND, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38178.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38178.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38178", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01421", "scoring_system": "epss", "scoring_elements": "0.80593", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01421", "scoring_system": "epss", "scoring_elements": "0.80545", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01421", "scoring_system": "epss", "scoring_elements": "0.80567", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01421", "scoring_system": "epss", "scoring_elements": "0.80559", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01421", "scoring_system": "epss", "scoring_elements": "0.80588", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01421", "scoring_system": "epss", "scoring_elements": "0.80597", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01421", "scoring_system": "epss", "scoring_elements": "0.80614", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01421", "scoring_system": "epss", "scoring_elements": "0.80601", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128602", "reference_id": "2128602", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128602" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/09/21/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/09/21/3" }, { "reference_url": "https://security.archlinux.org/AVG-2811", "reference_id": "AVG-2811", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2811" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/", "reference_id": "CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/" }, { "reference_url": "https://kb.isc.org/docs/cve-2022-38178", "reference_id": "cve-2022-38178", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/" } ], "url": "https://kb.isc.org/docs/cve-2022-38178" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5235", "reference_id": "dsa-5235", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5235" }, { "reference_url": "https://security.gentoo.org/glsa/202210-25", "reference_id": "GLSA-202210-25", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/" } ], "url": "https://security.gentoo.org/glsa/202210-25" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/", "reference_id": "MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html", "reference_id": "msg00007.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221228-0009/", "reference_id": "ntap-20221228-0009", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221228-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6763", "reference_id": "RHSA-2022:6763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6764", "reference_id": "RHSA-2022:6764", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6764" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6765", "reference_id": "RHSA-2022:6765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6778", "reference_id": "RHSA-2022:6778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6779", "reference_id": "RHSA-2022:6779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6780", "reference_id": "RHSA-2022:6780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6781", "reference_id": "RHSA-2022:6781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8598", "reference_id": "RHSA-2022:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8598" }, { "reference_url": "https://usn.ubuntu.com/5626-1/", "reference_id": "USN-5626-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5626-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/", "reference_id": "YZJQNUASODNVAWZV6STKG5SD6XIJ446S", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/" } ], "fixed_packages": [], "aliases": [ "CVE-2022-38178" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hb26-udtw-6uhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43067?format=api", "vulnerability_id": "VCID-natd-8zu1-kkba", "summary": "An integer overflow vulnerability has been found in libksba which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3515.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3515.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37405", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.3727", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37429", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37258", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37309", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37321", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37332", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37298", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3515" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021928", "reference_id": "1021928", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021928" }, { "reference_url": "https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html", "reference_id": "20221017-pepe-left-the-ksba.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-08T15:48:11Z/" } ], "url": "https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135610", "reference_id": "2135610", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-08T15:48:11Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135610" }, { "reference_url": "https://security.archlinux.org/AVG-2804", "reference_id": "AVG-2804", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2804" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-3515", "reference_id": "CVE-2022-3515", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-08T15:48:11Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-3515" }, { "reference_url": "https://security.gentoo.org/glsa/202210-23", "reference_id": "GLSA-202210-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-23" }, { "reference_url": "https://security.gentoo.org/glsa/202212-07", "reference_id": "GLSA-202212-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230706-0008/", "reference_id": "ntap-20230706-0008", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-08T15:48:11Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230706-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7088", "reference_id": "RHSA-2022:7088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7088" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7089", "reference_id": "RHSA-2022:7089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7090", "reference_id": "RHSA-2022:7090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7209", "reference_id": "RHSA-2022:7209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7283", "reference_id": "RHSA-2022:7283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7927", "reference_id": "RHSA-2022:7927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8598", "reference_id": "RHSA-2022:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8598" }, { "reference_url": "https://dev.gnupg.org/rK4b7d9cd4a018898d7714ce06f3faf2626c14582b", "reference_id": "rK4b7d9cd4a018898d7714ce06f3faf2626c14582b", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-08T15:48:11Z/" } ], "url": "https://dev.gnupg.org/rK4b7d9cd4a018898d7714ce06f3faf2626c14582b" }, { "reference_url": "https://usn.ubuntu.com/5688-1/", "reference_id": "USN-5688-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5688-1/" }, { "reference_url": "https://usn.ubuntu.com/5688-2/", "reference_id": "USN-5688-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5688-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2022-3515" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-natd-8zu1-kkba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31417?format=api", "vulnerability_id": "VCID-pba8-g9ts-43bw", "summary": "Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40674.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40674.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77913", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77888", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77861", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.7793", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77903", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77898", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77871", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019761", "reference_id": "1019761", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019761" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130769", "reference_id": "2130769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130769" }, { "reference_url": "https://github.com/libexpat/libexpat/pull/629", "reference_id": "629", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://github.com/libexpat/libexpat/pull/629" }, { "reference_url": "https://github.com/libexpat/libexpat/pull/640", "reference_id": "640", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://github.com/libexpat/libexpat/pull/640" }, { "reference_url": "https://security.archlinux.org/AVG-2815", "reference_id": "AVG-2815", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2815" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5236", "reference_id": "dsa-5236", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5236" }, { "reference_url": "https://security.gentoo.org/glsa/202209-24", "reference_id": "GLSA-202209-24", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://security.gentoo.org/glsa/202209-24" }, { "reference_url": "https://security.gentoo.org/glsa/202211-06", "reference_id": "GLSA-202211-06", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://security.gentoo.org/glsa/202211-06" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/", "reference_id": "GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/", "reference_id": "J2IGJNHFV53PYST7VQV3T4NHVYAMXA36", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/", "reference_id": "LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-47", "reference_id": "mfsa2022-47", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-47" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html", "reference_id": "msg00029.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221028-0008/", "reference_id": "ntap-20221028-0008", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221028-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6831", "reference_id": "RHSA-2022:6831", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6831" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6832", "reference_id": "RHSA-2022:6832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6833", "reference_id": "RHSA-2022:6833", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6834", "reference_id": "RHSA-2022:6834", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6838", "reference_id": "RHSA-2022:6838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6878", "reference_id": "RHSA-2022:6878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6921", "reference_id": "RHSA-2022:6921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6967", "reference_id": "RHSA-2022:6967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6995", "reference_id": "RHSA-2022:6995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6996", "reference_id": "RHSA-2022:6996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6997", "reference_id": "RHSA-2022:6997", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6997" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6998", "reference_id": "RHSA-2022:6998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7019", "reference_id": "RHSA-2022:7019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7020", "reference_id": "RHSA-2022:7020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7021", "reference_id": "RHSA-2022:7021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7022", "reference_id": "RHSA-2022:7022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7023", "reference_id": "RHSA-2022:7023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7024", "reference_id": "RHSA-2022:7024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7025", "reference_id": "RHSA-2022:7025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7026", "reference_id": "RHSA-2022:7026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8598", "reference_id": "RHSA-2022:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3068", "reference_id": "RHSA-2023:3068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3068" }, { "reference_url": "https://usn.ubuntu.com/5638-1/", "reference_id": "USN-5638-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5638-1/" }, { "reference_url": "https://usn.ubuntu.com/5638-2/", "reference_id": "USN-5638-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5638-2/" }, { "reference_url": "https://usn.ubuntu.com/5638-4/", "reference_id": "USN-5638-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5638-4/" }, { "reference_url": "https://usn.ubuntu.com/5726-1/", "reference_id": "USN-5726-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5726-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/", "reference_id": "WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/", "reference_id": "XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/" } ], "fixed_packages": [], "aliases": [ "CVE-2022-40674" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pba8-g9ts-43bw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38395?format=api", "vulnerability_id": "VCID-x9qp-e1e5-5kgj", "summary": "Multiple vulnerabilities have been discovered in multipath-tools, the worst of which can lead to root privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41974.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41974.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41974", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06981", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07013", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07068", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07099", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07107", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07095", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07084", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41973", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41973" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41974" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022742", "reference_id": "1022742", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022742" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133988", "reference_id": "2133988", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133988" }, { "reference_url": "https://security.gentoo.org/glsa/202311-06", "reference_id": "GLSA-202311-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202311-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7185", "reference_id": "RHSA-2022:7185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7186", "reference_id": "RHSA-2022:7186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7187", "reference_id": "RHSA-2022:7187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7188", "reference_id": "RHSA-2022:7188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7191", "reference_id": "RHSA-2022:7191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7191" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7192", "reference_id": "RHSA-2022:7192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8598", "reference_id": "RHSA-2022:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8598" }, { "reference_url": "https://usn.ubuntu.com/5731-1/", "reference_id": "USN-5731-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5731-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2022-41974" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x9qp-e1e5-5kgj" } ], "fixing_vulnerabilities": [], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/redhat-virtualization-host@4.5.3-202211170828_8%3Farch=6" }