Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/994909?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "type": "deb", "namespace": "debian", "name": "qemu", "version": "1:5.2+dfsg-11+deb11u3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1:10.0.2+ds-2+deb13u1~bpo12+1", "latest_non_vulnerable_version": "1:11.0.0+ds-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62359?format=api", "vulnerability_id": "VCID-3ew5-8dfe-u3d8", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1544.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1544.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18892", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19132", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19079", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19037", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19049", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19058", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18951", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18935", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19324", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19039", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19119", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19172", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19178", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1544" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034179", "reference_id": "1034179", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034179" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180364", "reference_id": "2180364", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:10:20Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180364" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-1544", "reference_id": "CVE-2023-1544", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:10:20Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-1544" }, { "reference_url": "https://security.gentoo.org/glsa/202408-18", "reference_id": "GLSA-202408-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-18" }, { "reference_url": "https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html", "reference_id": "msg00206.html", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:10:20Z/" } ], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230511-0005/", "reference_id": "ntap-20230511-0005", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:10:20Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230511-0005/" }, { "reference_url": "https://usn.ubuntu.com/6567-1/", "reference_id": "USN-6567-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6567-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2023-1544" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ew5-8dfe-u3d8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75012?format=api", "vulnerability_id": "VCID-3kyg-9mf3-kfft", "summary": "qemu-kvm: 'qemu-img info' leads to host file read/write", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4467.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4467.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4467", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16208", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1636", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16254", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1625", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1797", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17724", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17811", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17872", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17888", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17844", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17796", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1774", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1775", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18024", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4467" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4467" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075824", "reference_id": "1075824", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075824" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278875", "reference_id": "2278875", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278875" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8.2::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8.2::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8.2::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8.4::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8.4::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8.4::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4", "reference_id": "cpe:/a:redhat:container_native_virtualization:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-4467", "reference_id": "CVE-2024-4467", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-4467" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4276", "reference_id": "RHSA-2024:4276", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4276" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4277", "reference_id": "RHSA-2024:4277", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4277" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4278", "reference_id": "RHSA-2024:4278", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4372", "reference_id": "RHSA-2024:4372", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4373", "reference_id": "RHSA-2024:4373", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4374", "reference_id": "RHSA-2024:4374", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4420", "reference_id": "RHSA-2024:4420", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4724", "reference_id": "RHSA-2024:4724", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4727", "reference_id": "RHSA-2024:4727", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-02T18:05:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4727" }, { "reference_url": "https://usn.ubuntu.com/7744-1/", "reference_id": "USN-7744-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7744-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2024-4467" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kyg-9mf3-kfft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/354144?format=api", "vulnerability_id": "VCID-46gg-8h8g-2kf5", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5763" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994615?format=api", "purl": "pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077793?format=api", "purl": "pkg:deb/debian/qemu@1:11.0.0%2Bds-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1" } ], "aliases": [ "CVE-2026-5763" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-46gg-8h8g-2kf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/354133?format=api", "vulnerability_id": "VCID-4mt9-kf9m-2fbz", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3890" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994615?format=api", "purl": "pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1077793?format=api", "purl": "pkg:deb/debian/qemu@1:11.0.0%2Bds-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:11.0.0%252Bds-1" } ], "aliases": [ "CVE-2026-3890" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4mt9-kf9m-2fbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35385?format=api", "vulnerability_id": "VCID-6qnt-yaa3-p3bb", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35506.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35506.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08517", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08545", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08598", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08516", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08589", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08612", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08609", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08588", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08575", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08464", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08451", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08601", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08614", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08567", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0857", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35506" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909996", "reference_id": "1909996", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909996" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984454", "reference_id": "984454", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984454" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2020-35506" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qnt-yaa3-p3bb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74461?format=api", "vulnerability_id": "VCID-91y7-ceje-jbd3", "summary": "QEMU: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7409.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7409.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82375", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.8236", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82371", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01706", "scoring_system": "epss", "scoring_elements": "0.82257", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01706", "scoring_system": "epss", "scoring_elements": "0.82276", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01706", "scoring_system": "epss", "scoring_elements": "0.82271", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01706", "scoring_system": "epss", "scoring_elements": "0.82298", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01706", "scoring_system": "epss", "scoring_elements": "0.82305", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01706", "scoring_system": "epss", "scoring_elements": "0.82324", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01706", "scoring_system": "epss", "scoring_elements": "0.82318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01706", "scoring_system": "epss", "scoring_elements": "0.82313", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01706", "scoring_system": "epss", "scoring_elements": "0.82347", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0175", "scoring_system": "epss", "scoring_elements": "0.82598", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7409" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302487", "reference_id": "2302487", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302487" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8", "reference_id": "cpe:/a:redhat:openshift:4.13::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8", "reference_id": "cpe:/a:redhat:openshift:4.14::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8", "reference_id": "cpe:/a:redhat:openshift:4.15::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9", "reference_id": "cpe:/a:redhat:openshift:4.15::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9", "reference_id": "cpe:/a:redhat:openshift:4.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9", "reference_id": "cpe:/a:redhat:openshift:4.17::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-7409", "reference_id": "CVE-2024-7409", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-7409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10518", "reference_id": "RHSA-2024:10518", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:10518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10528", "reference_id": "RHSA-2024:10528", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:10528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6811", "reference_id": "RHSA-2024:6811", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:6811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6964", "reference_id": "RHSA-2024:6964", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:6964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7408", "reference_id": "RHSA-2024:7408", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:7408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9136", "reference_id": "RHSA-2024:9136", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9912", "reference_id": "RHSA-2024:9912", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-06T20:16:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9912" }, { "reference_url": "https://usn.ubuntu.com/7744-1/", "reference_id": "USN-7744-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7744-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2024-7409" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-91y7-ceje-jbd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35411?format=api", "vulnerability_id": "VCID-cenj-mz55-jbg6", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89536", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.8954", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89553", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89554", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89571", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89576", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89583", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89582", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.8959", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89591", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89587", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89602", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89606", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04882", "scoring_system": "epss", "scoring_elements": "0.89607", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3929" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020298", "reference_id": "2020298", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020298" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5489-1/", "reference_id": "USN-5489-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5489-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2021-3929" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cenj-mz55-jbg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76982?format=api", "vulnerability_id": "VCID-cnyg-wvxr-gqg3", "summary": "QEMU: sdhci: heap buffer overflow in sdhci_write_dataport()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3447.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03205", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03067", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03055", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03032", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03041", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03161", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03163", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03156", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03085", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03099", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03104", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03129", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03091", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3447" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068821", "reference_id": "1068821", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068821" }, { "reference_url": "https://patchew.org/QEMU/20240404085549.16987-1-philmd@linaro.org/", "reference_id": "20240404085549.16987-1-philmd@linaro.org", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:42Z/" } ], "url": "https://patchew.org/QEMU/20240404085549.16987-1-philmd@linaro.org/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274123", "reference_id": "2274123", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:42Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274123" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-3447", "reference_id": "CVE-2024-3447", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-14T18:53:42Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-3447" }, { "reference_url": "https://usn.ubuntu.com/7744-1/", "reference_id": "USN-7744-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7744-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2024-3447" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cnyg-wvxr-gqg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67397?format=api", "vulnerability_id": "VCID-d2ve-dnmj-4bbz", "summary": "qemu-kvm: VNC WebSocket handshake use-after-free", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11234.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11234.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11234", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29323", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31834", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33258", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33215", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33032", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33015", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33349", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33225", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33317", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33263", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33222", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33238", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11234" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11234", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11234" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117153", "reference_id": "1117153", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117153" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401209", "reference_id": "2401209", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401209" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9", "reference_id": "cpe:/a:redhat:openshift:4.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9", "reference_id": "cpe:/a:redhat:openshift:4.17::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9", "reference_id": "cpe:/a:redhat:openshift:4.18::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-11234", "reference_id": "CVE-2025-11234", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-11234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23228", "reference_id": "RHSA-2025:23228", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:23228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0326", "reference_id": "RHSA-2026:0326", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0332", "reference_id": "RHSA-2026:0332", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0702", "reference_id": "RHSA-2026:0702", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1831", "reference_id": "RHSA-2026:1831", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1831" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3077", "reference_id": "RHSA-2026:3077", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3165", "reference_id": "RHSA-2026:3165", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5578", "reference_id": "RHSA-2026:5578", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-03T15:56:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:5578" }, { "reference_url": "https://usn.ubuntu.com/8073-1/", "reference_id": "USN-8073-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8073-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2025-11234" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d2ve-dnmj-4bbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62356?format=api", "vulnerability_id": "VCID-ej5p-r4az-6ud2", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4144.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4144.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4144", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05711", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05635", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05669", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05705", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05867", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05798", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05832", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05823", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05858", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05866", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05875", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05893", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05834", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05828", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4144" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148506", "reference_id": "2148506", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:17:04Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148506" }, { "reference_url": "https://security.gentoo.org/glsa/202408-18", "reference_id": "GLSA-202408-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-18" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK/", "reference_id": "GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:17:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTVPHLLXJ65BUMFBUUZ35F3J632SLFRK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/", "reference_id": "I7J5IRXJYLELW7D43A75LOWRUE5EU54O", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:17:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/" }, { "reference_url": "https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg04143.html", "reference_id": "msg04143.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:17:04Z/" } ], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2022-11/msg04143.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230127-0012/", "reference_id": "ntap-20230127-0012", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:17:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230127-0012/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0099", "reference_id": "RHSA-2023:0099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0432", "reference_id": "RHSA-2023:0432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0432" }, { "reference_url": "https://usn.ubuntu.com/6167-1/", "reference_id": "USN-6167-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6167-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2022-4144" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ej5p-r4az-6ud2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76983?format=api", "vulnerability_id": "VCID-ewb7-nrtu-g7ex", "summary": "QEMU: virtio: DMA reentrancy issue leads to double free vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3446.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3446.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3446", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31784", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32155", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31993", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31866", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34044", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34145", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34178", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34038", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.3408", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34109", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34067", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3446" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3446" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068820", "reference_id": "1068820", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068820" }, { "reference_url": "https://patchew.org/QEMU/20240409105537.18308-1-philmd@linaro.org/", "reference_id": "20240409105537.18308-1-philmd@linaro.org", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-18T15:34:27Z/" } ], "url": "https://patchew.org/QEMU/20240409105537.18308-1-philmd@linaro.org/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274211", "reference_id": "2274211", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-18T15:34:27Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274211" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-3446", "reference_id": "CVE-2024-3446", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-18T15:34:27Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-3446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6964", "reference_id": "RHSA-2024:6964", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-18T15:34:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:6964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9136", "reference_id": "RHSA-2024:9136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9136" }, { "reference_url": "https://usn.ubuntu.com/7744-1/", "reference_id": "USN-7744-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7744-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2024-3446" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewb7-nrtu-g7ex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78365?format=api", "vulnerability_id": "VCID-f4sq-73vu-sfdq", "summary": "QEMU: e1000e: heap use-after-free in e1000e_write_packet_to_guest()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3019.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3019.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0165", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01537", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01625", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01632", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01631", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0154", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01544", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01548", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01554", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01543", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01534", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0152", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01536", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3019" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041102", "reference_id": "1041102", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041102" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222351", "reference_id": "2222351", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222351" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-3019", "reference_id": "CVE-2023-3019", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-3019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0135", "reference_id": "RHSA-2024:0135", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0404", "reference_id": "RHSA-2024:0404", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0569", "reference_id": "RHSA-2024:0569", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2135", "reference_id": "RHSA-2024:2135", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T15:26:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2135" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2023-3019" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f4sq-73vu-sfdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35383?format=api", "vulnerability_id": "VCID-gc6n-kgsc-f3b6", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35505.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35505.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30194", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30566", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30388", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30273", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30772", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30586", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30645", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30678", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30683", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30638", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30592", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30618", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30601", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31525", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31388", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35505" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909769", "reference_id": "1909769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909769" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984455", "reference_id": "984455", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984455" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2020-35505" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gc6n-kgsc-f3b6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77875?format=api", "vulnerability_id": "VCID-kx81-eex4-hug8", "summary": "QEMU: virtio-net: stack buffer overflow in virtio_net_flush_tx()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6693.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6693.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06948", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06823", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06987", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06974", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06978", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06866", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06853", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06907", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06938", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06935", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06928", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06923", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06863", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06845", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6693" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254580", "reference_id": "2254580", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:46:00Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254580" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-6693", "reference_id": "CVE-2023-6693", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:46:00Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-6693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2962", "reference_id": "RHSA-2024:2962", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:46:00Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2962" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4492", "reference_id": "RHSA-2025:4492", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:46:00Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:4492" }, { "reference_url": "https://usn.ubuntu.com/6954-1/", "reference_id": "USN-6954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6954-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2023-6693" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kx81-eex4-hug8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64655?format=api", "vulnerability_id": "VCID-m47q-17n6-t7gg", "summary": "qemu-kvm: Heap buffer out-of-bounds read in VMDK compressed grain parsing", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2243.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2243.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2243", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04546", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04457", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04486", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04623", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04666", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.047", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04482", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04495", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0453", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04536", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04521", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04506", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05062", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2243" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128478", "reference_id": "1128478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128478" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440934", "reference_id": "2440934", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T20:23:45Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440934" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2026-2243", "reference_id": "CVE-2026-2243", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T20:23:45Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2026-2243" }, { "reference_url": "https://usn.ubuntu.com/8161-1/", "reference_id": "USN-8161-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8161-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994615?format=api", "purl": "pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994676?format=api", "purl": "pkg:deb/debian/qemu@1:10.2.2%2Bds-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j9f-u62h-rug2" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-n9n4-prkb-f3c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1" } ], "aliases": [ "CVE-2026-2243" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m47q-17n6-t7gg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81154?format=api", "vulnerability_id": "VCID-mtj9-1cns-yybw", "summary": "QEMU: MMIO ops null pointer dereference may lead to DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15469.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15469.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15469", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12214", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1233", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12377", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12178", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12258", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12308", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12316", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1228", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12243", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12132", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12134", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12244", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12224", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12189", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12078", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15469" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853154", "reference_id": "1853154", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853154" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970253", "reference_id": "970253", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970253" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2020-15469" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mtj9-1cns-yybw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74119?format=api", "vulnerability_id": "VCID-n71j-fz74-kyhf", "summary": "qemu-kvm: usb: assertion failure in usb_ep_get()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8354.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8354.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8354", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13599", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13712", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13722", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13691", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13856", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13914", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13714", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13797", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13816", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.1378", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13732", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13643", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13639", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8354" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082377", "reference_id": "1082377", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082377" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313497", "reference_id": "2313497", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T13:38:43Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313497" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-8354", "reference_id": "CVE-2024-8354", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T13:38:43Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-8354" }, { "reference_url": "https://usn.ubuntu.com/7744-1/", "reference_id": "USN-7744-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7744-1/" }, { "reference_url": "https://usn.ubuntu.com/8073-1/", "reference_id": "USN-8073-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8073-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994615?format=api", "purl": "pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994676?format=api", "purl": "pkg:deb/debian/qemu@1:10.2.2%2Bds-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j9f-u62h-rug2" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-n9n4-prkb-f3c6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.2.2%252Bds-1" } ], "aliases": [ "CVE-2024-8354" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n71j-fz74-kyhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62360?format=api", "vulnerability_id": "VCID-p2dz-mtns-5bb4", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12615", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12574", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12424", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12505", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12555", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12525", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12486", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12447", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1235", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12353", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12857", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12877", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12841", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12731", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2861" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219266", "reference_id": "2219266", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:40:48Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219266" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-2861", "reference_id": "CVE-2023-2861", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:40:48Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-2861" }, { "reference_url": "https://security.gentoo.org/glsa/202408-18", "reference_id": "GLSA-202408-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-18" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:40:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240125-0005/", "reference_id": "ntap-20240125-0005", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:40:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240125-0005/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240229-0002/", "reference_id": "ntap-20240229-0002", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:40:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240229-0002/" }, { "reference_url": "https://usn.ubuntu.com/6567-1/", "reference_id": "USN-6567-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6567-1/" }, { "reference_url": "https://usn.ubuntu.com/8172-1/", "reference_id": "USN-8172-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8172-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2023-2861" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p2dz-mtns-5bb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74995?format=api", "vulnerability_id": "VCID-ptty-88p4-ybe9", "summary": "qemu-kvm: virtio-net: queue index out-of-bounds access in software RSS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6505.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6505.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24445", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24556", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.245", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24486", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24767", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.2454", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24611", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24659", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24675", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24634", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24577", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24589", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.2458", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6505" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075919", "reference_id": "1075919", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075919" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295760", "reference_id": "2295760", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:15:08Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295760" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-6505", "reference_id": "CVE-2024-6505", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-13T20:15:08Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-6505" }, { "reference_url": "https://usn.ubuntu.com/7744-1/", "reference_id": "USN-7744-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7744-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2024-6505" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptty-88p4-ybe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62358?format=api", "vulnerability_id": "VCID-pxjg-chmx-nkdc", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35414.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-35414.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35414", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53017", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53002", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53026", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.52993", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53044", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53037", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53086", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53071", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53055", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53092", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53099", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53082", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53048", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53057", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35414" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014958", "reference_id": "1014958", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014958" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124911", "reference_id": "2124911", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124911" }, { "reference_url": "https://security.gentoo.org/glsa/202408-18", "reference_id": "GLSA-202408-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-18" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2022-35414" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pxjg-chmx-nkdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35382?format=api", "vulnerability_id": "VCID-qh2s-apkz-sbaz", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35504.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35504.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35504", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26588", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26634", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31438", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31469", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31473", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3143", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31394", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31427", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31407", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31379", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31209", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31085", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31006", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31568", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31385", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35504" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909766", "reference_id": "1909766", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909766" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979679", "reference_id": "979679", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979679" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2020-35504" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qh2s-apkz-sbaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78075?format=api", "vulnerability_id": "VCID-qs61-1esc-c3cz", "summary": "QEMU: improper IDE controller reset can lead to MBR overwrite", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5088.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5088.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5088", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02176", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02137", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0209", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02103", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0219", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0216", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0215", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02143", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02139", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02157", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02134", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02119", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02115", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5088" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5088" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247283", "reference_id": "2247283", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T14:28:52Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247283" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-5088", "reference_id": "CVE-2023-5088", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T14:28:52Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-5088" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2135", "reference_id": "RHSA-2024:2135", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T14:28:52Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2962", "reference_id": "RHSA-2024:2962", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T14:28:52Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2962" }, { "reference_url": "https://lore.kernel.org/all/20230921160712.99521-1-simon.rowe@nutanix.com/T/", "reference_id": "T", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T14:28:52Z/" } ], "url": "https://lore.kernel.org/all/20230921160712.99521-1-simon.rowe@nutanix.com/T/" }, { "reference_url": "https://usn.ubuntu.com/6567-1/", "reference_id": "USN-6567-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6567-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2023-5088" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qs61-1esc-c3cz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74993?format=api", "vulnerability_id": "VCID-t58m-9jqp-43c9", "summary": "qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7730.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7730.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07997", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08044", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11332", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11495", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11447", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11407", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11421", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11507", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11566", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11575", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11541", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11515", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11373", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11372", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7730" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304289", "reference_id": "2304289", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-14T18:55:17Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304289" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-7730", "reference_id": "CVE-2024-7730", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-14T18:55:17Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-7730" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994615?format=api", "purl": "pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1" } ], "aliases": [ "CVE-2024-7730" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t58m-9jqp-43c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35406?format=api", "vulnerability_id": "VCID-t5gq-4bhn-gkej", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3611.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3611.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3611", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07094", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07214", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07259", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07238", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07293", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07319", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07315", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07302", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07223", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08252", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08185", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08348", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08322", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08283", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3611" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3611", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3611" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973784", "reference_id": "1973784", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973784" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990562", "reference_id": "990562", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990562" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7967", "reference_id": "RHSA-2022:7967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7967" }, { "reference_url": "https://usn.ubuntu.com/6567-1/", "reference_id": "USN-6567-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6567-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2021-3611" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t5gq-4bhn-gkej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80572?format=api", "vulnerability_id": "VCID-uzxc-npak-yyc4", "summary": "QEMU: net: eepro100: stack overflow via infinite recursion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20255.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20255.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37716", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37897", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37922", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.378", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3785", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37863", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37878", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37841", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37816", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39773", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39881", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39853", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39593", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39582", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42686", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20255" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20255", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20255" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930646", "reference_id": "1930646", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930646" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984451", "reference_id": "984451", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984451" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994615?format=api", "purl": "pkg:deb/debian/qemu@1:10.0.2%2Bds-2%2Bdeb13u1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:10.0.2%252Bds-2%252Bdeb13u1~bpo12%252B1" } ], "aliases": [ "CVE-2021-20255" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uzxc-npak-yyc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35410?format=api", "vulnerability_id": "VCID-w7gc-1eh2-3ufu", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3750.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3750.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3750", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08535", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08552", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08536", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08429", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08413", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08586", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0854", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08579", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08573", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08752", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.088", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08733", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08812", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08723", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3750" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999073", "reference_id": "1999073", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999073" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7967", "reference_id": "RHSA-2022:7967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6980", "reference_id": "RHSA-2023:6980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0404", "reference_id": "RHSA-2024:0404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0569", "reference_id": "RHSA-2024:0569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0569" }, { "reference_url": "https://usn.ubuntu.com/5772-1/", "reference_id": "USN-5772-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5772-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994614?format=api", "purl": "pkg:deb/debian/qemu@1:7.2%2Bdfsg-7%2Bdeb12u18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-hkf8-96k7-kuc9" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-vcun-y6d5-6uby" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:7.2%252Bdfsg-7%252Bdeb12u18" } ], "aliases": [ "CVE-2021-3750" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w7gc-1eh2-3ufu" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31748?format=api", "vulnerability_id": "VCID-145f-vwpy-ukfg", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7039.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7039.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7039", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74514", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74519", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74546", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.7452", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74552", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74568", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.7459", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74571", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74563", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.746", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74607", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74599", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74635", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74641", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00831", "scoring_system": "epss", "scoring_elements": "0.74643", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791551", "reference_id": "1791551", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791551" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949084", "reference_id": "949084", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949084" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949085", "reference_id": "949085", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949085" }, { "reference_url": "https://security.gentoo.org/glsa/202005-02", "reference_id": "GLSA-202005-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0348", "reference_id": "RHSA-2020:0348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0775", "reference_id": "RHSA-2020:0775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0889", "reference_id": "RHSA-2020:0889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1116", "reference_id": "RHSA-2020:1116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1150", "reference_id": "RHSA-2020:1150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1261", "reference_id": "RHSA-2020:1261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1296", "reference_id": "RHSA-2020:1296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1296" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1300", "reference_id": "RHSA-2020:1300", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1344", "reference_id": "RHSA-2020:1344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1351", "reference_id": "RHSA-2020:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1352", "reference_id": "RHSA-2020:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1358", "reference_id": "RHSA-2020:1358", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1358" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1360", "reference_id": "RHSA-2020:1360", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2342", "reference_id": "RHSA-2020:2342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2730", "reference_id": "RHSA-2020:2730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2730" }, { "reference_url": "https://usn.ubuntu.com/4283-1/", "reference_id": "USN-4283-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4283-1/" }, { "reference_url": "https://usn.ubuntu.com/4632-1/", "reference_id": "USN-4632-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4632-1/" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036934?format=api", "purl": "pkg:deb/debian/qemu@1:2.8%2Bdfsg-6%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1erd-fd8p-hqch" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-2ywm-rb9g-x3fr" }, { "vulnerability": "VCID-32jy-dr7t-2uas" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3qwz-gg8s-2ugm" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4276-jfy3-h3ck" }, { "vulnerability": "VCID-46n7-vgn3-nffj" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4s1w-v1qs-9uhp" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-56ng-2tm1-5qhk" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-5xgg-2mh6-gfg1" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7w8v-hby8-dya5" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ac7j-emx5-v7cn" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-atzs-876n-byg6" }, { "vulnerability": "VCID-b7v6-247j-kfcs" }, { "vulnerability": "VCID-bbmg-x8h6-67e5" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-bj4j-2yxz-pyeh" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-c834-hdmj-cfe1" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-chjc-4r36-y3f8" }, { "vulnerability": "VCID-cmqc-g49c-wbeq" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-cy79-xgar-eqgr" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-d8cd-qgg7-fyed" }, { "vulnerability": "VCID-dgzy-z4ad-ubc4" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-dthd-mp8z-8ucg" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-ecy5-s73b-n3db" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-f4w9-adpm-tuht" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fp83-zgum-ryb8" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gmvy-m5mq-yycx" }, { "vulnerability": "VCID-gntc-n53u-n3aj" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-hwt1-11ew-sqhv" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jdmp-aggh-ufhy" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-jnxy-g6wu-8ubu" }, { "vulnerability": "VCID-jq6v-ra9m-sqgz" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-km1b-1rvd-q3fa" }, { "vulnerability": "VCID-kvww-v5vg-qbdt" }, { "vulnerability": "VCID-kwra-y7vr-ykdg" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mgn9-kzp9-wke5" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-mzsa-tcqf-effc" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ncpf-ttuc-fqe7" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p1bu-wmxq-27dm" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-q49g-ggaf-cqbt" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qnpg-992x-5kcn" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-rdgu-3kat-j7c6" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-rkxf-jp2j-mqgf" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rxsw-t1ut-rkau" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tsyt-eq3x-5ucy" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-uj5n-mck2-2uen" }, { "vulnerability": "VCID-uryz-5yk9-9fd7" }, { "vulnerability": "VCID-v4eq-3kfm-uug9" }, { "vulnerability": "VCID-v8fp-rzfq-e3bs" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vefc-bfc3-fyg2" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-vxg6-nx6s-6feu" }, { "vulnerability": "VCID-w1je-asqn-fbcr" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-xzmg-gkxx-buau" }, { "vulnerability": "VCID-y16a-n7u8-zfen" }, { "vulnerability": "VCID-yccx-a98b-nfh4" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-z24v-fz53-zubg" }, { "vulnerability": "VCID-z31k-dhbq-k3ed" }, { "vulnerability": "VCID-z4jn-dgcg-x7du" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zfwq-v3sh-kkbp" }, { "vulnerability": "VCID-zjyq-3nyd-k3g9" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-6%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-7039" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-145f-vwpy-ukfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61632?format=api", "vulnerability_id": "VCID-14d3-jbv3-xbbe", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10761.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10761.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10761", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74672", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74675", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74701", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74676", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74708", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74723", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74746", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74725", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74716", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74753", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74761", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74751", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74786", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74793", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74796", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10761" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843707", "reference_id": "1843707", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843707" }, { "reference_url": "https://security.gentoo.org/glsa/202011-09", "reference_id": "GLSA-202011-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202011-09" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-10761" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-14d3-jbv3-xbbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40980?format=api", "vulnerability_id": "VCID-1g7f-6q39-fyhx", "summary": "Multiple vulnerabilities have been found in libslirp, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3593.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3593.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3593", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05868", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05994", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05954", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05988", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.059", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05934", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05923", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05816", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05819", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.0581", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05804", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05768", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05775", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05921", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3593" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970487", "reference_id": "1970487", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970487" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989994", "reference_id": "989994", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989994" }, { "reference_url": "https://security.archlinux.org/ASA-202106-49", "reference_id": "ASA-202106-49", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-49" }, { "reference_url": "https://security.archlinux.org/AVG-2073", "reference_id": "AVG-2073", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2073" }, { "reference_url": "https://security.gentoo.org/glsa/202107-44", "reference_id": "GLSA-202107-44", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-44" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4191", "reference_id": "RHSA-2021:4191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4191" }, { "reference_url": "https://usn.ubuntu.com/5009-1/", "reference_id": "USN-5009-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5009-1/" }, { "reference_url": "https://usn.ubuntu.com/5009-2/", "reference_id": "USN-5009-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5009-2/" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3593" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1g7f-6q39-fyhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81711?format=api", "vulnerability_id": "VCID-28wt-9aqz-xqbg", "summary": "qemu: OOB read and write due to integer overflow in sm501_2d_operation() in hw/display/sm501.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12829.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12829.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.3059", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30726", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30774", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30649", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30682", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30686", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30641", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30596", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30622", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30604", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.3057", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30391", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30276", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30197", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1808510", "reference_id": "1808510", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1808510" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961451", "reference_id": "961451", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961451" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-12829" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-28wt-9aqz-xqbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35420?format=api", "vulnerability_id": "VCID-29bt-r6ya-jfhu", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20263.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20263.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32842", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32971", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.33005", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32828", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32875", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32904", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32907", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.3287", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32844", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32886", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32864", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32679", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32564", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32479", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20263" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20263" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1933668", "reference_id": "1933668", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1933668" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985083", "reference_id": "985083", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985083" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-20263" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-29bt-r6ya-jfhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81402?format=api", "vulnerability_id": "VCID-29d8-uet3-syfh", "summary": "QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11947.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16404", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16586", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16649", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16449", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16535", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16589", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1657", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1653", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16471", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16412", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16433", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1647", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16363", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16362", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16317", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912765", "reference_id": "1912765", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0648", "reference_id": "RHSA-2021:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762", "reference_id": "RHSA-2021:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1762" }, { "reference_url": "https://usn.ubuntu.com/4725-1/", "reference_id": "USN-4725-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4725-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-11947" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-29d8-uet3-syfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80642?format=api", "vulnerability_id": "VCID-3wee-2xay-r7bt", "summary": "QEMU: block: fdc: null pointer dereference may lead to guest crash", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20196.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20196.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20196", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11722", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11841", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11884", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11756", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11809", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11821", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11782", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11621", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1162", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11741", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11705", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11667", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11592", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20196" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919210", "reference_id": "1919210", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919210" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984453", "reference_id": "984453", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0325", "reference_id": "RHSA-2022:0325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0397", "reference_id": "RHSA-2022:0397", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0397" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1759", "reference_id": "RHSA-2022:1759", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1759" }, { "reference_url": "https://usn.ubuntu.com/5307-1/", "reference_id": "USN-5307-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5307-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-20196" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3wee-2xay-r7bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78124?format=api", "vulnerability_id": "VCID-4848-dnv8-bqez", "summary": "QEMU: use-after-free in TCG accelerator can lead to local privilege escalation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24165.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24165.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24165", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62414", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62472", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62504", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62471", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62523", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62539", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62558", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62546", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62565", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62571", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62552", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62562", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62578", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00429", "scoring_system": "epss", "scoring_elements": "0.62575", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24165" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24165", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24165" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235745", "reference_id": "2235745", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235745" }, { "reference_url": "https://usn.ubuntu.com/6567-1/", "reference_id": "USN-6567-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6567-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-24165" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4848-dnv8-bqez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61633?format=api", "vulnerability_id": "VCID-4d66-e766-q7ch", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13253.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13253.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13253", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30378", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30408", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30261", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30321", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30355", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30358", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30314", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30266", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30263", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30219", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30154", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30038", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29964", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13253" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13253", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13253" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1838546", "reference_id": "1838546", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1838546" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961297", "reference_id": "961297", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961297" }, { "reference_url": "https://security.gentoo.org/glsa/202011-09", "reference_id": "GLSA-202011-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202011-09" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" }, { "reference_url": "https://usn.ubuntu.com/4467-2/", "reference_id": "USN-4467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-13253" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4d66-e766-q7ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35416?format=api", "vulnerability_id": "VCID-4unz-8jyy-qfdc", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4206.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4206.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.36992", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.37027", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.36855", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.36906", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.36835", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.36989", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.36758", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.36727", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.3664", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37071", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37081", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37047", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.3702", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37066", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036998", "reference_id": "2036998", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036998" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5002", "reference_id": "RHSA-2022:5002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5821", "reference_id": "RHSA-2022:5821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5821" }, { "reference_url": "https://usn.ubuntu.com/5489-1/", "reference_id": "USN-5489-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5489-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-4206" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4unz-8jyy-qfdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81665?format=api", "vulnerability_id": "VCID-5t1d-ve8h-9ba1", "summary": "QEMU: division by zero in oss_write() in audio/ossaudio.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14415.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15427", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15467", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15537", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15337", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15424", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15435", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15396", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15331", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.1525", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15254", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15305", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15345", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15342", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15287", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848117", "reference_id": "1848117", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848117" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-14415" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5t1d-ve8h-9ba1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40979?format=api", "vulnerability_id": "VCID-5ur6-6ec3-p7bt", "summary": "Multiple vulnerabilities have been found in libslirp, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3592.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3592.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3592", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07033", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07056", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07047", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06972", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07106", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07072", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0703", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07062", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07068", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07174", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07219", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07198", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07054", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3592" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3592" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970484", "reference_id": "1970484", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970484" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989993", "reference_id": "989993", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989993" }, { "reference_url": "https://security.archlinux.org/ASA-202106-49", "reference_id": "ASA-202106-49", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-49" }, { "reference_url": "https://security.archlinux.org/AVG-2073", "reference_id": "AVG-2073", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2073" }, { "reference_url": "https://security.gentoo.org/glsa/202107-44", "reference_id": "GLSA-202107-44", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-44" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4191", "reference_id": "RHSA-2021:4191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4191" }, { "reference_url": "https://usn.ubuntu.com/5009-1/", "reference_id": "USN-5009-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5009-1/" }, { "reference_url": "https://usn.ubuntu.com/5009-2/", "reference_id": "USN-5009-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5009-2/" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3592" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ur6-6ec3-p7bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61635?format=api", "vulnerability_id": "VCID-6ef4-c38a-j7ca", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13362.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13362.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13362", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26973", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2705", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26841", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26909", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26956", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2696", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26916", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26859", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26871", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26842", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26803", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26745", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26737", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26667", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840999", "reference_id": "1840999", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840999" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961887", "reference_id": "961887", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961887" }, { "reference_url": "https://security.gentoo.org/glsa/202011-09", "reference_id": "GLSA-202011-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202011-09" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" }, { "reference_url": "https://usn.ubuntu.com/4467-2/", "reference_id": "USN-4467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-13362" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6ef4-c38a-j7ca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80756?format=api", "vulnerability_id": "VCID-6fs3-3a9w-xycq", "summary": "QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29130.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29130.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29130", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64386", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.6454", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64528", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64541", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.6444", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64471", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.6443", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64494", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64509", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64498", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64469", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64504", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64516", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64508", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29130" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902231", "reference_id": "1902231", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902231" }, { "reference_url": "https://security.archlinux.org/ASA-202012-7", "reference_id": "ASA-202012-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202012-7" }, { "reference_url": "https://security.archlinux.org/AVG-1305", "reference_id": "AVG-1305", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762", "reference_id": "RHSA-2021:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1762" }, { "reference_url": "https://usn.ubuntu.com/5009-1/", "reference_id": "USN-5009-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5009-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-29130" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6fs3-3a9w-xycq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61634?format=api", "vulnerability_id": "VCID-6hqu-ecs5-zqeb", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13361.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13361.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13361", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26973", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2705", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26841", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26909", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26956", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2696", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26916", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26859", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26871", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26842", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26803", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26745", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26737", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26667", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840980", "reference_id": "1840980", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840980" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961888", "reference_id": "961888", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961888" }, { "reference_url": "https://security.gentoo.org/glsa/202011-09", "reference_id": "GLSA-202011-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202011-09" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" }, { "reference_url": "https://usn.ubuntu.com/4467-2/", "reference_id": "USN-4467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-13361" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6hqu-ecs5-zqeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40982?format=api", "vulnerability_id": "VCID-6pkj-axqp-duf1", "summary": "Multiple vulnerabilities have been found in libslirp, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3595.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3595.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3595", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06142", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06264", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06223", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06254", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06179", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0621", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06192", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0607", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06109", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06099", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06094", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06086", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06051", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0606", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06209", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3595" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3595", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3595" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970489", "reference_id": "1970489", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970489" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989996", "reference_id": "989996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989996" }, { "reference_url": "https://security.archlinux.org/ASA-202106-49", "reference_id": "ASA-202106-49", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-49" }, { "reference_url": "https://security.archlinux.org/AVG-2073", "reference_id": "AVG-2073", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2073" }, { "reference_url": "https://security.gentoo.org/glsa/202107-44", "reference_id": "GLSA-202107-44", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-44" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4191", "reference_id": "RHSA-2021:4191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4191" }, { "reference_url": "https://usn.ubuntu.com/5009-1/", "reference_id": "USN-5009-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5009-1/" }, { "reference_url": "https://usn.ubuntu.com/5009-2/", "reference_id": "USN-5009-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5009-2/" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3595" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6pkj-axqp-duf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78336?format=api", "vulnerability_id": "VCID-6xcc-y2jp-nufx", "summary": "QEMU: net: triggerable assertion due to race condition in hot-unplug", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3301.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3301.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3301", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00317", "published_at": "2026-04-29T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0034", "published_at": "2026-04-02T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00297", "published_at": "2026-04-16T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00322", "published_at": "2026-04-21T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00323", "published_at": "2026-04-24T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0032", "published_at": "2026-04-26T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00339", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0033", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00328", "published_at": "2026-04-08T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00304", "published_at": "2026-04-09T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00303", "published_at": "2026-04-12T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00302", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3301" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215784", "reference_id": "2215784", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T17:39:47Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215784" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:13", "reference_id": "cpe:/a:redhat:openstack:13", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:13" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-3301", "reference_id": "CVE-2023-3301", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T17:39:47Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-3301" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231020-0008/", "reference_id": "ntap-20231020-0008", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T17:39:47Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231020-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6980", "reference_id": "RHSA-2023:6980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6980" }, { "reference_url": "https://usn.ubuntu.com/6567-1/", "reference_id": "USN-6567-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6567-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2023-3301" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6xcc-y2jp-nufx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78311?format=api", "vulnerability_id": "VCID-7mhs-m1r3-n3ag", "summary": "QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3354.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3354.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3354", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20788", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20751", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20812", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2083", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20736", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20727", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20721", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2096", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20674", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21359", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28867", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28754", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28683", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28986", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3354" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216478", "reference_id": "2216478", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5094", "reference_id": "RHSA-2023:5094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5094" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5239", "reference_id": "RHSA-2023:5239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5264", "reference_id": "RHSA-2023:5264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5587", "reference_id": "RHSA-2023:5587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5796", "reference_id": "RHSA-2023:5796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6227", "reference_id": "RHSA-2023:6227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6227" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0404", "reference_id": "RHSA-2024:0404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0404" }, { "reference_url": "https://usn.ubuntu.com/6567-1/", "reference_id": "USN-6567-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6567-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2023-3354" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7mhs-m1r3-n3ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35391?format=api", "vulnerability_id": "VCID-7w6v-ewcn-kkdz", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3416.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3416.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3416", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00333", "published_at": "2026-04-01T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00338", "published_at": "2026-04-02T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00336", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00328", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00325", "published_at": "2026-04-11T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00326", "published_at": "2026-04-09T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00323", "published_at": "2026-04-12T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00322", "published_at": "2026-04-18T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00317", "published_at": "2026-04-16T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00343", "published_at": "2026-04-24T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00342", "published_at": "2026-04-26T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00337", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3416" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3416" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932827", "reference_id": "1932827", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932827" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984448", "reference_id": "984448", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984448" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3061", "reference_id": "RHSA-2021:3061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3703", "reference_id": "RHSA-2021:3703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3703" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3416" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7w6v-ewcn-kkdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81243?format=api", "vulnerability_id": "VCID-7zkh-xs1s-guh6", "summary": "QEMU: slirp: networking out-of-bounds read information disclosure vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10756.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10756.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10756", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06882", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06768", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06759", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06903", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06888", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0691", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06797", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06835", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0684", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06833", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06826", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.06998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07052", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07032", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.06894", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835986", "reference_id": "1835986", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835986" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3586", "reference_id": "RHSA-2020:3586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4059", "reference_id": "RHSA-2020:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4694", "reference_id": "RHSA-2020:4694", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4694" }, { "reference_url": "https://usn.ubuntu.com/4437-1/", "reference_id": "USN-4437-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4437-1/" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-10756" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7zkh-xs1s-guh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81447?format=api", "vulnerability_id": "VCID-8cnu-b5en-7ye3", "summary": "qemu: integer overflow in ati_2d_blt() in hw/display/ati-2d.c could lead to DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11869.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11869.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11869", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26016", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.261", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2614", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25906", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25974", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26026", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26036", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25991", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25932", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25937", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25918", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25889", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25823", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25817", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25771", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11869" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809955", "reference_id": "1809955", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809955" }, { "reference_url": "https://usn.ubuntu.com/4372-1/", "reference_id": "USN-4372-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4372-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-11869" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8cnu-b5en-7ye3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82268?format=api", "vulnerability_id": "VCID-8jjd-u5mc-zbde", "summary": "qemu: scsi: lsi: potential infinite loop when executing script in lsi_execute_script", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12068.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12068.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24813", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24604", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24719", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24659", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24648", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24892", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24931", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24706", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24773", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2482", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24833", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24794", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24737", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24749", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24742", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=de594e47659029316bbf9391efb79da0a1a08e08", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=de594e47659029316bbf9391efb79da0a1a08e08" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html" }, { "reference_url": "https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01518.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01518.html" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2019-12068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2019-12068" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4665", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4665" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1773749", "reference_id": "1773749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1773749" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:2.1\\+dfsg-12\\+deb8u6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:1\\:2.1\\+dfsg-12\\+deb8u6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:2.1\\+dfsg-12\\+deb8u6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:2.8\\+dfsg-6\\+deb9u8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:1\\:2.8\\+dfsg-6\\+deb9u8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:2.8\\+dfsg-6\\+deb9u8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\~deb10u1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\~deb10u1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\~deb10u1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\+deb10u2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\+deb10u2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:3.1\\+dfsg-8\\+deb10u2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:4.1-1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:1\\:4.1-1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:1\\:4.1-1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12068", "reference_id": "CVE-2019-12068", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12068" }, { "reference_url": "https://usn.ubuntu.com/4191-1/", "reference_id": "USN-4191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-1/" }, { "reference_url": "https://usn.ubuntu.com/4191-2/", "reference_id": "USN-4191-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2019-12068" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jjd-u5mc-zbde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82101?format=api", "vulnerability_id": "VCID-8kzh-2gr5-e7gu", "summary": "QEMU: out-of-bounds read in ati_cursor_define() function in hw/display/ati.c leads to DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20808.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20808.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20808", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31143", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3127", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31131", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31184", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31215", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3122", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31177", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31133", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31165", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31146", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31115", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30955", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30834", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30749", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20808" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841136", "reference_id": "1841136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841136" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2019-20808" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8kzh-2gr5-e7gu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81125?format=api", "vulnerability_id": "VCID-93gr-c812-uud8", "summary": "QEMU: sdhci: out-of-bounds access issue while doing multi block SDMA", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25085.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25085.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25085", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.3636", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36534", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36567", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36405", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36457", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36477", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36484", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36449", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36427", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36468", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36451", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36395", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36169", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36139", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36052", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25085" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879671", "reference_id": "1879671", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879671" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970540", "reference_id": "970540", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970540" }, { "reference_url": "https://usn.ubuntu.com/4650-1/", "reference_id": "USN-4650-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4650-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-25085" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-93gr-c812-uud8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80846?format=api", "vulnerability_id": "VCID-955d-q41q-4uau", "summary": "QEMU: net: an assert failure via eth_get_gso_type", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27617.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27617.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45648", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45715", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45735", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45684", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45739", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45758", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45728", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45736", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45786", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.4578", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45727", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45658", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45667", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45607", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27617" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891668", "reference_id": "1891668", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891668" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973324", "reference_id": "973324", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3061", "reference_id": "RHSA-2021:3061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3061" }, { "reference_url": "https://usn.ubuntu.com/4650-1/", "reference_id": "USN-4650-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4650-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-27617" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-955d-q41q-4uau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82949?format=api", "vulnerability_id": "VCID-9rpr-g2sm-yqb6", "summary": "QEMU: pvrdma: null dereference or excessive memory allocation when creating QP/CQ", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20125.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20125.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20125", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65869", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66011", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66001", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66013", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.6591", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.6594", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65906", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65958", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.6597", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65988", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65974", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65945", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.6598", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65993", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65981", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20125" }, { "reference_url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02823.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02823.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2018/12/19/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2018/12/19/3" }, { "reference_url": "http://www.securityfocus.com/bid/106298", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106298" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660747", "reference_id": "1660747", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660747" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20125", "reference_id": "CVE-2018-20125", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20125" }, { "reference_url": "https://usn.ubuntu.com/3923-1/", "reference_id": "USN-3923-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3923-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2018-20125" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9rpr-g2sm-yqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35394?format=api", "vulnerability_id": "VCID-ap2r-g7ew-kqed", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3544.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3544.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09299", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.093", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09351", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09263", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09339", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09388", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09399", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0937", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09355", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09248", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09247", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0945", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09408", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09368", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958935", "reference_id": "1958935", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958935" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042", "reference_id": "989042", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" }, { "reference_url": "https://usn.ubuntu.com/5307-1/", "reference_id": "USN-5307-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5307-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3544" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ap2r-g7ew-kqed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35392?format=api", "vulnerability_id": "VCID-bcps-uatt-wkd7", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3527.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3527.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3527", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07873", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0797", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08017", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07976", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08035", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08054", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08038", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08002", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07915", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07897", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08058", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08013", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07979", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07954", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3527" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955695", "reference_id": "1955695", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955695" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988157", "reference_id": "988157", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988157" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3527" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bcps-uatt-wkd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82947?format=api", "vulnerability_id": "VCID-be1r-pq33-abg5", "summary": "QEMU: pvrdma: uar_read leads to NULL dereference", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20191.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20191.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20191", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.7251", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72649", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72643", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72652", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72516", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72533", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72548", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72561", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72585", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72567", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72557", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.726", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.7261", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72601", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20191" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20191", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20191" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/" }, { "reference_url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03066.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2018/12/18/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2018/12/18/1" }, { "reference_url": "http://www.securityfocus.com/bid/106276", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106276" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660314", "reference_id": "1660314", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660314" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20191", "reference_id": "CVE-2018-20191", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20191" }, { "reference_url": "https://usn.ubuntu.com/3923-1/", "reference_id": "USN-3923-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3923-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2018-20191" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-be1r-pq33-abg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35405?format=api", "vulnerability_id": "VCID-br4x-bpvj-puhr", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3608.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3608.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11095", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11238", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11302", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11117", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11197", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11253", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11263", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11174", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11149", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11015", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11025", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11155", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11094", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1105", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10986", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3608" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973383", "reference_id": "1973383", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973383" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990563", "reference_id": "990563", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990563" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3608" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-br4x-bpvj-puhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82097?format=api", "vulnerability_id": "VCID-burb-pa38-fqhw", "summary": "QEMU: vnc: memory leakage upon disconnect", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20382.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20382.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13515", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13615", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13676", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13474", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13555", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13605", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13578", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1354", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13492", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13404", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.134", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13473", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13478", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13449", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13343", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810390", "reference_id": "1810390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810390" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2774", "reference_id": "RHSA-2020:2774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3267", "reference_id": "RHSA-2020:3267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3906", "reference_id": "RHSA-2020:3906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3907", "reference_id": "RHSA-2020:3907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4167", "reference_id": "RHSA-2020:4167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4167" }, { "reference_url": "https://usn.ubuntu.com/4372-1/", "reference_id": "USN-4372-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4372-1/" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2019-20382" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-burb-pa38-fqhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80862?format=api", "vulnerability_id": "VCID-c4ky-b4y8-kqd5", "summary": "QEMU: divide by zero in dwc2_handle_packet() in hw/usb/hcd-dwc2.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27661.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27661.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27661", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32437", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32582", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32618", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32441", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32489", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32517", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3252", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32482", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32455", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32491", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32469", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3227", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32154", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3207", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27661" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27661", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27661" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890653", "reference_id": "1890653", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890653" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972864", "reference_id": "972864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972864" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-27661" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ky-b4y8-kqd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78760?format=api", "vulnerability_id": "VCID-cgq2-b6my-eucg", "summary": "QEMU: lsi53c895a: DMA reentrancy issue leads to stack overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0330.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0330.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08241", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08236", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08291", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08305", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08323", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08293", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08278", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.08981", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0896", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09113", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09155", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09099", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09069", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0330" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029155", "reference_id": "1029155", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029155" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160151", "reference_id": "2160151", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:40Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160151" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-0330", "reference_id": "CVE-2023-0330", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:40Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-0330" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:40Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html" }, { "reference_url": "https://lists.nongnu.org/archive/html/qemu-devel/2023-01/msg03411.html", "reference_id": "msg03411.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T18:43:40Z/" } ], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2023-01/msg03411.html" }, { "reference_url": "https://usn.ubuntu.com/6167-1/", "reference_id": "USN-6167-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6167-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2023-0330" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cgq2-b6my-eucg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79249?format=api", "vulnerability_id": "VCID-d6gd-j7ks-xkgk", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.6869", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68849", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68787", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68836", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68842", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68709", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68727", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68705", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68757", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68776", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68799", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68756", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68798", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68808", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7039" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html" }, { "reference_url": "https://seclists.org/bugtraq/2020/Feb/0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2020/Feb/0" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4616" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/09/06/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/09/06/3" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749716", "reference_id": "1749716", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749716" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939868", "reference_id": "939868", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939868" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939869", "reference_id": "939869", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939869" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libslirp_project:libslirp:4.0.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libslirp_project:libslirp:4.0.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libslirp_project:libslirp:4.0.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:4.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15890", "reference_id": "CVE-2019-15890", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0348", "reference_id": "RHSA-2020:0348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0775", "reference_id": "RHSA-2020:0775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0889", "reference_id": "RHSA-2020:0889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4676", "reference_id": "RHSA-2020:4676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4676" }, { "reference_url": "https://usn.ubuntu.com/4191-1/", "reference_id": "USN-4191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-1/" }, { "reference_url": "https://usn.ubuntu.com/4191-2/", "reference_id": "USN-4191-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036934?format=api", "purl": "pkg:deb/debian/qemu@1:2.8%2Bdfsg-6%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1erd-fd8p-hqch" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-2ywm-rb9g-x3fr" }, { "vulnerability": "VCID-32jy-dr7t-2uas" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3qwz-gg8s-2ugm" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4276-jfy3-h3ck" }, { "vulnerability": "VCID-46n7-vgn3-nffj" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4s1w-v1qs-9uhp" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-56ng-2tm1-5qhk" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-5xgg-2mh6-gfg1" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7w8v-hby8-dya5" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ac7j-emx5-v7cn" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-atzs-876n-byg6" }, { "vulnerability": "VCID-b7v6-247j-kfcs" }, { "vulnerability": "VCID-bbmg-x8h6-67e5" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-bj4j-2yxz-pyeh" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-c834-hdmj-cfe1" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-chjc-4r36-y3f8" }, { "vulnerability": "VCID-cmqc-g49c-wbeq" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-cy79-xgar-eqgr" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-d8cd-qgg7-fyed" }, { "vulnerability": "VCID-dgzy-z4ad-ubc4" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-dthd-mp8z-8ucg" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-ecy5-s73b-n3db" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-f4w9-adpm-tuht" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fp83-zgum-ryb8" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gmvy-m5mq-yycx" }, { "vulnerability": "VCID-gntc-n53u-n3aj" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-hwt1-11ew-sqhv" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jdmp-aggh-ufhy" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-jnxy-g6wu-8ubu" }, { "vulnerability": "VCID-jq6v-ra9m-sqgz" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-km1b-1rvd-q3fa" }, { "vulnerability": "VCID-kvww-v5vg-qbdt" }, { "vulnerability": "VCID-kwra-y7vr-ykdg" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mgn9-kzp9-wke5" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-mzsa-tcqf-effc" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ncpf-ttuc-fqe7" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p1bu-wmxq-27dm" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-q49g-ggaf-cqbt" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qnpg-992x-5kcn" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-rdgu-3kat-j7c6" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-rkxf-jp2j-mqgf" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rxsw-t1ut-rkau" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tsyt-eq3x-5ucy" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-uj5n-mck2-2uen" }, { "vulnerability": "VCID-uryz-5yk9-9fd7" }, { "vulnerability": "VCID-v4eq-3kfm-uug9" }, { "vulnerability": "VCID-v8fp-rzfq-e3bs" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vefc-bfc3-fyg2" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-vxg6-nx6s-6feu" }, { "vulnerability": "VCID-w1je-asqn-fbcr" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-xzmg-gkxx-buau" }, { "vulnerability": "VCID-y16a-n7u8-zfen" }, { "vulnerability": "VCID-yccx-a98b-nfh4" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-z24v-fz53-zubg" }, { "vulnerability": "VCID-z31k-dhbq-k3ed" }, { "vulnerability": "VCID-z4jn-dgcg-x7du" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zfwq-v3sh-kkbp" }, { "vulnerability": "VCID-zjyq-3nyd-k3g9" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-6%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2019-15890" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d6gd-j7ks-xkgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61637?format=api", "vulnerability_id": "VCID-dqbd-gqg9-2kgs", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13754.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13754.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08657", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08685", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08733", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08656", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08757", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08735", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0872", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0861", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08597", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08751", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08762", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08716", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08721", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842363", "reference_id": "1842363", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842363" }, { "reference_url": "https://security.gentoo.org/glsa/202011-09", "reference_id": "GLSA-202011-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202011-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2521", "reference_id": "RHSA-2021:2521", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3061", "reference_id": "RHSA-2021:3061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3061" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" }, { "reference_url": "https://usn.ubuntu.com/4467-2/", "reference_id": "USN-4467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-13754" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dqbd-gqg9-2kgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80609?format=api", "vulnerability_id": "VCID-drqf-646q-xqf3", "summary": "qemu: out-of-bound heap buffer access via an interrupt ID field", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20221.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20221.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20221", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0619", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06225", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06251", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06275", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06317", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06309", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06305", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06294", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06264", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06408", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06423", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06446", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06458", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20221" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20221" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924601", "reference_id": "1924601", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1125", "reference_id": "RHSA-2021:1125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2521", "reference_id": "RHSA-2021:2521", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3061", "reference_id": "RHSA-2021:3061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3061" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-20221" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-drqf-646q-xqf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31746?format=api", "vulnerability_id": "VCID-e99n-gc79-cqcy", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11102.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11102.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60624", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60774", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60781", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60769", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60783", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60699", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60728", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60694", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60742", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60758", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60782", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60768", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60749", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60791", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60797", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11102" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11102", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11102" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnu.org/archive/html/qemu-devel/2020-03/msg08322.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.gnu.org/archive/html/qemu-devel/2020-03/msg08322.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2020/04/06/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2020/04/06/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821180", "reference_id": "1821180", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821180" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956145", "reference_id": "956145", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956145" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:4.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11102", "reference_id": "CVE-2020-11102", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11102" }, { "reference_url": "https://security.gentoo.org/glsa/202005-02", "reference_id": "GLSA-202005-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-11102" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e99n-gc79-cqcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35407?format=api", "vulnerability_id": "VCID-eb18-wa2w-q7bn", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3682.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3682.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3682", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61708", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61782", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61813", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61831", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61847", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61868", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61857", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61837", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.6188", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61885", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61869", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61864", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61882", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00418", "scoring_system": "epss", "scoring_elements": "0.61875", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989651", "reference_id": "1989651", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989651" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991911", "reference_id": "991911", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991911" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3703", "reference_id": "RHSA-2021:3703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3704", "reference_id": "RHSA-2021:3704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3704" }, { "reference_url": "https://usn.ubuntu.com/5307-1/", "reference_id": "USN-5307-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5307-1/" }, { "reference_url": "https://usn.ubuntu.com/5772-1/", "reference_id": "USN-5772-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5772-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3682" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb18-wa2w-q7bn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35402?format=api", "vulnerability_id": "VCID-een8-8kc5-qfcx", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3546.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13329", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13431", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13496", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.1329", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13373", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13423", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13395", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.1336", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13313", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13218", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13217", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13297", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13304", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13276", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13173", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958978", "reference_id": "1958978", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958978" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042", "reference_id": "989042", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" }, { "reference_url": "https://usn.ubuntu.com/5307-1/", "reference_id": "USN-5307-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5307-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3546" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-een8-8kc5-qfcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81469?format=api", "vulnerability_id": "VCID-egyg-bbm9-8qea", "summary": "QEMU: slirp: use-after-free in ip_reass() function in ip_input.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1983.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1983.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1983", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34973", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35317", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35083", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35062", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42299", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42307", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42315", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42338", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42301", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42273", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42323", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43138", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43052", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43111", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1983" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829825", "reference_id": "1829825", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3053", "reference_id": "RHSA-2020:3053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4079", "reference_id": "RHSA-2020:4079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4290", "reference_id": "RHSA-2020:4290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4676", "reference_id": "RHSA-2020:4676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4676" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0346", "reference_id": "RHSA-2021:0346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0459", "reference_id": "RHSA-2021:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0934", "reference_id": "RHSA-2021:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0934" }, { "reference_url": "https://usn.ubuntu.com/4372-1/", "reference_id": "USN-4372-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4372-1/" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-1983" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-egyg-bbm9-8qea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80657?format=api", "vulnerability_id": "VCID-eqp6-raqc-dkch", "summary": "qemu: 9pfs: TOCTOU privilege escalation vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20181.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20181.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20181", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.1716", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17325", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17373", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17152", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17244", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17315", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17266", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17207", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17146", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17151", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17187", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17091", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17074", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17018", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20181" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927007", "reference_id": "1927007", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927007" }, { "reference_url": "https://usn.ubuntu.com/4725-1/", "reference_id": "USN-4725-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4725-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-20181" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eqp6-raqc-dkch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34657?format=api", "vulnerability_id": "VCID-ewsp-7ydm-5ub3", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13164.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13164.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13164", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0563", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05392", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0556", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05592", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05538", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05575", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05598", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05571", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05559", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05552", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05501", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05468", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05537", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05503", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20815", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20815" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722559", "reference_id": "1722559", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722559" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931351", "reference_id": "931351", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931351" }, { "reference_url": "https://security.gentoo.org/glsa/202003-66", "reference_id": "GLSA-202003-66", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-66" }, { "reference_url": "https://usn.ubuntu.com/4191-1/", "reference_id": "USN-4191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-1/" }, { "reference_url": "https://usn.ubuntu.com/4191-2/", "reference_id": "USN-4191-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036934?format=api", "purl": "pkg:deb/debian/qemu@1:2.8%2Bdfsg-6%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1erd-fd8p-hqch" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-2ywm-rb9g-x3fr" }, { "vulnerability": "VCID-32jy-dr7t-2uas" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3qwz-gg8s-2ugm" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4276-jfy3-h3ck" }, { "vulnerability": "VCID-46n7-vgn3-nffj" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4s1w-v1qs-9uhp" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-56ng-2tm1-5qhk" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-5xgg-2mh6-gfg1" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7w8v-hby8-dya5" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ac7j-emx5-v7cn" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-atzs-876n-byg6" }, { "vulnerability": "VCID-b7v6-247j-kfcs" }, { "vulnerability": "VCID-bbmg-x8h6-67e5" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-bj4j-2yxz-pyeh" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-c834-hdmj-cfe1" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-chjc-4r36-y3f8" }, { "vulnerability": "VCID-cmqc-g49c-wbeq" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-cy79-xgar-eqgr" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-d8cd-qgg7-fyed" }, { "vulnerability": "VCID-dgzy-z4ad-ubc4" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-dthd-mp8z-8ucg" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-ecy5-s73b-n3db" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-f4w9-adpm-tuht" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fp83-zgum-ryb8" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gmvy-m5mq-yycx" }, { "vulnerability": "VCID-gntc-n53u-n3aj" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-hwt1-11ew-sqhv" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jdmp-aggh-ufhy" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-jnxy-g6wu-8ubu" }, { "vulnerability": "VCID-jq6v-ra9m-sqgz" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-km1b-1rvd-q3fa" }, { "vulnerability": "VCID-kvww-v5vg-qbdt" }, { "vulnerability": "VCID-kwra-y7vr-ykdg" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mgn9-kzp9-wke5" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-mzsa-tcqf-effc" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ncpf-ttuc-fqe7" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p1bu-wmxq-27dm" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-q49g-ggaf-cqbt" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qnpg-992x-5kcn" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-rdgu-3kat-j7c6" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-rkxf-jp2j-mqgf" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rxsw-t1ut-rkau" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tsyt-eq3x-5ucy" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-uj5n-mck2-2uen" }, { "vulnerability": "VCID-uryz-5yk9-9fd7" }, { "vulnerability": "VCID-v4eq-3kfm-uug9" }, { "vulnerability": "VCID-v8fp-rzfq-e3bs" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vefc-bfc3-fyg2" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-vxg6-nx6s-6feu" }, { "vulnerability": "VCID-w1je-asqn-fbcr" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-xzmg-gkxx-buau" }, { "vulnerability": "VCID-y16a-n7u8-zfen" }, { "vulnerability": "VCID-yccx-a98b-nfh4" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-z24v-fz53-zubg" }, { "vulnerability": "VCID-z31k-dhbq-k3ed" }, { "vulnerability": "VCID-z4jn-dgcg-x7du" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zfwq-v3sh-kkbp" }, { "vulnerability": "VCID-zjyq-3nyd-k3g9" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-6%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2019-13164" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewsp-7ydm-5ub3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61639?format=api", "vulnerability_id": "VCID-ezm8-pq4d-mkhg", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13800.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13800.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28466", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28561", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28604", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28407", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28474", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28515", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28425", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28442", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28419", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28368", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28243", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28131", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28051", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13800" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843771", "reference_id": "1843771", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843771" }, { "reference_url": "https://security.gentoo.org/glsa/202011-09", "reference_id": "GLSA-202011-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202011-09" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-13800" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ezm8-pq4d-mkhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62353?format=api", "vulnerability_id": "VCID-f2fx-sqtp-8yhe", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0216.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0216.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0216", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06028", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06061", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0609", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06073", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06114", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06152", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06144", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0614", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06132", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06093", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06104", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06254", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06273", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.063", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06311", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0216" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0216", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0216" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014590", "reference_id": "1014590", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014590" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036953", "reference_id": "2036953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036953" }, { "reference_url": "https://security.gentoo.org/glsa/202408-18", "reference_id": "GLSA-202408-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-18" }, { "reference_url": "https://usn.ubuntu.com/5772-1/", "reference_id": "USN-5772-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5772-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2022-0216" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f2fx-sqtp-8yhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40981?format=api", "vulnerability_id": "VCID-ffd9-9wm1-rffs", "summary": "Multiple vulnerabilities have been found in libslirp, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3594.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3594.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3594", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07906", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07864", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0785", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0801", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07972", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07937", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07969", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07991", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07978", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0796", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07945", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08161", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08215", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08071", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3594" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3594", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3594" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970491", "reference_id": "1970491", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970491" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989995", "reference_id": "989995", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989995" }, { "reference_url": "https://security.archlinux.org/ASA-202106-49", "reference_id": "ASA-202106-49", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-49" }, { "reference_url": "https://security.archlinux.org/AVG-2073", "reference_id": "AVG-2073", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2073" }, { "reference_url": "https://security.gentoo.org/glsa/202107-44", "reference_id": "GLSA-202107-44", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-44" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4191", "reference_id": "RHSA-2021:4191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4191" }, { "reference_url": "https://usn.ubuntu.com/5009-1/", "reference_id": "USN-5009-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5009-1/" }, { "reference_url": "https://usn.ubuntu.com/5009-2/", "reference_id": "USN-5009-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5009-2/" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3594" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ffd9-9wm1-rffs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82951?format=api", "vulnerability_id": "VCID-fucx-q3j9-qkat", "summary": "QEMU: pvrdma: infinite loop in pvrdma_qp_send/recv", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20216.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20216.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20216", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65794", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65936", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65927", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65938", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65874", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65839", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65903", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65921", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65908", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65878", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65913", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65928", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00498", "scoring_system": "epss", "scoring_elements": "0.65917", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20216" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20216", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20216" }, { "reference_url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03052.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg03052.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2018/12/19/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2018/12/19/2" }, { "reference_url": "http://www.securityfocus.com/bid/106291", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106291" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660753", "reference_id": "1660753", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660753" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20216", "reference_id": "CVE-2018-20216", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20216" }, { "reference_url": "https://usn.ubuntu.com/3923-1/", "reference_id": "USN-3923-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3923-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2018-20216" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fucx-q3j9-qkat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34658?format=api", "vulnerability_id": "VCID-gqtx-g1cs-6ybn", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8608.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8608.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81079", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81088", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81113", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.8114", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81146", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81165", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81151", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81144", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81181", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81183", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81203", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81211", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01501", "scoring_system": "epss", "scoring_elements": "0.81216", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8608" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798453", "reference_id": "1798453", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798453" }, { "reference_url": "https://security.gentoo.org/glsa/202003-66", "reference_id": "GLSA-202003-66", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-66" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0889", "reference_id": "RHSA-2020:0889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1208", "reference_id": "RHSA-2020:1208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1209", "reference_id": "RHSA-2020:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1261", "reference_id": "RHSA-2020:1261", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1292", "reference_id": "RHSA-2020:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1300", "reference_id": "RHSA-2020:1300", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1351", "reference_id": "RHSA-2020:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1352", "reference_id": "RHSA-2020:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1379", "reference_id": "RHSA-2020:1379", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1379" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1403", "reference_id": "RHSA-2020:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2342", "reference_id": "RHSA-2020:2342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2730", "reference_id": "RHSA-2020:2730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2773", "reference_id": "RHSA-2020:2773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2774", "reference_id": "RHSA-2020:2774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2844", "reference_id": "RHSA-2020:2844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3040", "reference_id": "RHSA-2020:3040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3040" }, { "reference_url": "https://usn.ubuntu.com/4283-1/", "reference_id": "USN-4283-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4283-1/" }, { "reference_url": "https://usn.ubuntu.com/4632-1/", "reference_id": "USN-4632-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4632-1/" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-8608" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gqtx-g1cs-6ybn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94148?format=api", "vulnerability_id": "VCID-h22r-c3az-3fa3", "summary": "An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that implies that the size of successful DMA transfers there must be a multiple of 512 (the size of a sector). NOTE: a member of the QEMU security team disputes the significance of this issue because a \"privileged guest user has many ways to cause similar DoS effect, without triggering this assert.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20175", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67585", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67488", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67576", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67555", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67574", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67584", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67452", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67509", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67487", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67538", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67553", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67575", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67562", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67529", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00537", "scoring_system": "epss", "scoring_elements": "0.67564", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20175" }, { "reference_url": "https://lists.nongnu.org/archive/html/qemu-devel/2019-11/msg00597.html", "reference_id": "msg00597.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:35:51Z/" } ], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2019-11/msg00597.html" }, { "reference_url": "https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg01651.html", "reference_id": "msg01651.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:35:51Z/" } ], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg01651.html" }, { "reference_url": "https://lists.nongnu.org/archive/html/qemu-devel/2019-11/msg02165.html", "reference_id": "msg02165.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:35:51Z/" } ], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2019-11/msg02165.html" }, { "reference_url": "https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg03869.html", "reference_id": "msg03869.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:35:51Z/" } ], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg03869.html" }, { "reference_url": "https://www.mail-archive.com/qemu-devel%40nongnu.org/msg667396.html", "reference_id": "msg667396.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:35:51Z/" } ], "url": "https://www.mail-archive.com/qemu-devel%40nongnu.org/msg667396.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2019-20175" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h22r-c3az-3fa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81332?format=api", "vulnerability_id": "VCID-h5sc-3zrc-23dn", "summary": "QEMU: loader: OOB access while loading registered ROM may lead to code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13765.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13765.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13765", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58804", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58879", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58901", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58868", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.5892", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58926", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58943", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58907", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58941", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58945", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58923", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58906", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58922", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00371", "scoring_system": "epss", "scoring_elements": "0.58908", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13765" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842912", "reference_id": "1842912", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0347", "reference_id": "RHSA-2021:0347", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0347" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" }, { "reference_url": "https://usn.ubuntu.com/7094-1/", "reference_id": "USN-7094-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7094-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-13765" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5sc-3zrc-23dn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80849?format=api", "vulnerability_id": "VCID-hq1b-c1ew-kkga", "summary": "QEMU: ati-vga: potential crash via invalid x y parameter values", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27616.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27616.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63006", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63065", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63094", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63059", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63111", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63128", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63145", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.6313", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63108", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63143", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63151", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63131", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63153", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63167", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63165", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27616" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894036", "reference_id": "1894036", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894036" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975265", "reference_id": "975265", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975265" }, { "reference_url": "https://usn.ubuntu.com/4650-1/", "reference_id": "USN-4650-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4650-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-27616" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hq1b-c1ew-kkga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35404?format=api", "vulnerability_id": "VCID-hrhp-htnd-7bbx", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3607.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3607.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38532", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38667", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38691", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38622", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38673", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38682", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38692", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38654", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38628", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38675", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38653", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38575", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38416", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38391", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38299", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3607" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973349", "reference_id": "1973349", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973349" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990564", "reference_id": "990564", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990564" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3607" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hrhp-htnd-7bbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82802?format=api", "vulnerability_id": "VCID-j11x-bba3-zkdj", "summary": "QEMU: ppc64: sPAPR emulator leaks the host hardware identity", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00094.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00094.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00040.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28149", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27749", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.2802", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27938", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27826", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.2822", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28264", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28055", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28121", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28165", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28172", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28129", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28072", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28082", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28065", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-8934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg04821.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg04821.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190411-0006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190411-0006/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/02/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/02/21/1" }, { "reference_url": "http://www.securityfocus.com/bid/107115", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107115" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668022", "reference_id": "1668022", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668022" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922923", "reference_id": "922923", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922923" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8934", "reference_id": "CVE-2019-8934", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8934" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2019-8934" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j11x-bba3-zkdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35423?format=api", "vulnerability_id": "VCID-j1gy-ttz5-1yct", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26353.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26353.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26353", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47052", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47071", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47019", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.4707", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47095", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47068", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47076", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47132", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47128", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47062", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47072", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47021", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063197", "reference_id": "2063197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063197" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5002", "reference_id": "RHSA-2022:5002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5263", "reference_id": "RHSA-2022:5263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5821", "reference_id": "RHSA-2022:5821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5821" }, { "reference_url": "https://usn.ubuntu.com/5489-1/", "reference_id": "USN-5489-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5489-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2022-26353" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j1gy-ttz5-1yct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35419?format=api", "vulnerability_id": "VCID-j6hs-wm45-s3ej", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20257.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20257.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20257", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22726", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.229", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22944", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22737", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22812", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22864", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22885", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22848", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22792", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22806", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.228", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2276", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22598", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2259", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22585", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20257" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20257", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20257" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930087", "reference_id": "1930087", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930087" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984450", "reference_id": "984450", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984450" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5238", "reference_id": "RHSA-2021:5238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5238" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0081", "reference_id": "RHSA-2022:0081", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0081" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-20257" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6hs-wm45-s3ej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80185?format=api", "vulnerability_id": "VCID-jmca-kswb-1beq", "summary": "QEMU: ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3638.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3638.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3638", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05164", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05208", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05237", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05261", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05297", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05317", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05282", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05268", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05254", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05199", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05334", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05369", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05411", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05409", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979858", "reference_id": "1979858", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979858" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992726", "reference_id": "992726", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992726" }, { "reference_url": "https://usn.ubuntu.com/6567-1/", "reference_id": "USN-6567-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6567-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3638" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmca-kswb-1beq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80797?format=api", "vulnerability_id": "VCID-juek-f6et-x7eb", "summary": "QEMU: e1000e: infinite loop scenario in case of null packet descriptor", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28916.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28916.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14431", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14494", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14564", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14372", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14457", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14511", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.1446", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14423", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14366", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14257", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14258", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14328", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14359", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14334", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14275", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-28916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28916" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903064", "reference_id": "1903064", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903064" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974687", "reference_id": "974687", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=974687" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976388", "reference_id": "976388", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762", "reference_id": "RHSA-2021:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1762" }, { "reference_url": "https://usn.ubuntu.com/4725-1/", "reference_id": "USN-4725-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4725-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-28916" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-juek-f6et-x7eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82280?format=api", "vulnerability_id": "VCID-ke54-4uc4-rkbs", "summary": "qemu: hw/display/bochs-display.c does not ensure a sufficient PCI config space allocation leading to a buffer overflow involving the PCIe extended config space", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15034.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15034.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40955", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40764", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40956", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40861", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40848", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41036", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41068", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40994", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41043", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.4105", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41069", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41033", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41017", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.4106", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41031", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1983" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01959.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01959.html" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4665", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4665" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812659", "reference_id": "1812659", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812659" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:4.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:4.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15034", "reference_id": "CVE-2019-15034", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15034" }, { "reference_url": "https://usn.ubuntu.com/4372-1/", "reference_id": "USN-4372-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4372-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2019-15034" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ke54-4uc4-rkbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80745?format=api", "vulnerability_id": "VCID-mn7m-an9j-yucj", "summary": "QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27821.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27821.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27821", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10652", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10792", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10855", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10682", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10759", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10815", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10827", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10797", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10772", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10634", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10649", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10774", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10728", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10707", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27821" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27821", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27821" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902651", "reference_id": "1902651", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902651" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977616", "reference_id": "977616", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762", "reference_id": "RHSA-2021:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1762" }, { "reference_url": "https://usn.ubuntu.com/4725-1/", "reference_id": "USN-4725-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4725-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-27821" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mn7m-an9j-yucj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35403?format=api", "vulnerability_id": "VCID-nb4k-f7rm-kuhg", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3582.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3582.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3582", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37003", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37176", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37204", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37086", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37099", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37109", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37075", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37049", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37077", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.3702", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36789", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36757", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.3667", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3582" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966266", "reference_id": "1966266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966266" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990565", "reference_id": "990565", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990565" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3582" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nb4k-f7rm-kuhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80430?format=api", "vulnerability_id": "VCID-ne4d-zj65-qkgx", "summary": "QEMU: fdc: heap buffer overflow in DMA read data transfers", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3507.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3507.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3507", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08241", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08349", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08293", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08356", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08373", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08365", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08345", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08328", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08225", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08212", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08343", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08306", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08272", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3507" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3507", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3507" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951118", "reference_id": "1951118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951118" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987410", "reference_id": "987410", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7472", "reference_id": "RHSA-2022:7472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7967", "reference_id": "RHSA-2022:7967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7967" }, { "reference_url": "https://usn.ubuntu.com/5489-1/", "reference_id": "USN-5489-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5489-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3507" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ne4d-zj65-qkgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80905?format=api", "vulnerability_id": "VCID-nuwe-tupt-wfhg", "summary": "QEMU: usb: hcd-ohci: infinite loop issue while processing transfer descriptors", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25625.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25625.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25625", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08833", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08724", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08699", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0885", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08868", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08821", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35125", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.3513", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35095", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35071", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34948", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35147", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35176", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35054", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25625" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879808", "reference_id": "1879808", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879808" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970542", "reference_id": "970542", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970542" }, { "reference_url": "https://usn.ubuntu.com/4650-1/", "reference_id": "USN-4650-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4650-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-25625" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nuwe-tupt-wfhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81124?format=api", "vulnerability_id": "VCID-p2we-9qfu-17eb", "summary": "QEMU: usb: use-after-free issue while setting up packet", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25084.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25084.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25084", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10292", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10273", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10244", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10378", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10359", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10351", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11097", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.111", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11068", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11045", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10944", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11043", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11082", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11145", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10966", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25084" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25084" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879652", "reference_id": "1879652", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879652" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970539", "reference_id": "970539", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970539" }, { "reference_url": "https://usn.ubuntu.com/4650-1/", "reference_id": "USN-4650-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4650-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-25084" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p2we-9qfu-17eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31747?format=api", "vulnerability_id": "VCID-phfy-zv23-sqcr", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1711.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1711.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68175", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68197", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68215", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68192", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68243", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68258", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68283", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.6827", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68236", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68276", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68287", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68267", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68311", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68319", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68322", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-1711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1711" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1794290", "reference_id": "1794290", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1794290" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949731", "reference_id": "949731", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949731" }, { "reference_url": "https://security.gentoo.org/glsa/202005-02", "reference_id": "GLSA-202005-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202005-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0669", "reference_id": "RHSA-2020:0669", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0730", "reference_id": "RHSA-2020:0730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0731", "reference_id": "RHSA-2020:0731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0773", "reference_id": "RHSA-2020:0773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1150", "reference_id": "RHSA-2020:1150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1216", "reference_id": "RHSA-2020:1216", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1296", "reference_id": "RHSA-2020:1296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1296" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1300", "reference_id": "RHSA-2020:1300", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1352", "reference_id": "RHSA-2020:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1358", "reference_id": "RHSA-2020:1358", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1358" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1505", "reference_id": "RHSA-2020:1505", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2472", "reference_id": "RHSA-2020:2472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2472" }, { "reference_url": "https://usn.ubuntu.com/4283-1/", "reference_id": "USN-4283-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4283-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-1711" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-phfy-zv23-sqcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35397?format=api", "vulnerability_id": "VCID-q38v-9gvs-sydf", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30389", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30418", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30464", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30272", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30331", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30368", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30324", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30277", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30291", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30273", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30229", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30164", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30049", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29974", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958955", "reference_id": "1958955", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958955" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042", "reference_id": "989042", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989042" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" }, { "reference_url": "https://usn.ubuntu.com/5307-1/", "reference_id": "USN-5307-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5307-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3545" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q38v-9gvs-sydf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82943?format=api", "vulnerability_id": "VCID-qejd-5dkk-muhc", "summary": "QEMU: pvrdma: memory leakage in device hotplug", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20123.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20123.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20123", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36064", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36259", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36293", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36128", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36177", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36195", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36201", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36164", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36138", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3618", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36165", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36114", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.35884", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.35852", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.35765", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20123" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20123" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658963", "reference_id": "1658963", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658963" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916442", "reference_id": "916442", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916442" }, { "reference_url": "https://usn.ubuntu.com/3923-1/", "reference_id": "USN-3923-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3923-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2018-20123" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qejd-5dkk-muhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35412?format=api", "vulnerability_id": "VCID-qn73-3gkb-rkbm", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3930.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3930.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3930", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17001", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17172", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17224", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16955", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17044", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17103", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17078", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17032", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16908", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1691", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16947", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16851", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16833", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16789", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3930" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020588", "reference_id": "2020588", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020588" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5065", "reference_id": "RHSA-2021:5065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5065" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5238", "reference_id": "RHSA-2021:5238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5238" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0081", "reference_id": "RHSA-2022:0081", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0081" }, { "reference_url": "https://usn.ubuntu.com/5307-1/", "reference_id": "USN-5307-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5307-1/" }, { "reference_url": "https://usn.ubuntu.com/5772-1/", "reference_id": "USN-5772-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5772-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3930" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qn73-3gkb-rkbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35409?format=api", "vulnerability_id": "VCID-r47h-wdgy-7bga", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3748.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3748.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10319", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10438", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10505", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10365", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10503", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10533", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.105", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10478", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10345", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10449", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10432", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10421", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998514", "reference_id": "1998514", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998514" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993401", "reference_id": "993401", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993401" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4112", "reference_id": "RHSA-2021:4112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5036", "reference_id": "RHSA-2021:5036", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5036" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1759", "reference_id": "RHSA-2022:1759", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1759" }, { "reference_url": "https://usn.ubuntu.com/5307-1/", "reference_id": "USN-5307-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5307-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3748" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r47h-wdgy-7bga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80608?format=api", "vulnerability_id": "VCID-r51r-u7mq-93cy", "summary": "QEMU: scsi: mptsas: use-after-free while processing io requests", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3392.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3392.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07325", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07437", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07479", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07461", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07519", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07541", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07543", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07529", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07516", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07438", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07428", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07557", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07517", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07507", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07476", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3392" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924042", "reference_id": "1924042", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924042" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984449", "reference_id": "984449", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984449" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3392" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r51r-u7mq-93cy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80970?format=api", "vulnerability_id": "VCID-re83-uvh8-5bgq", "summary": "QEMU: out-of-bounds read/write in ati-vga device emulation in ati_2d_blt()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24352.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24352.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33459", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33616", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33649", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33488", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33533", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33566", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.3356", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33518", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33495", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35132", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35195", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35181", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.3479", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34898", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34879", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24352" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847584", "reference_id": "1847584", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847584" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968820", "reference_id": "968820", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968820" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-24352" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-re83-uvh8-5bgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76578?format=api", "vulnerability_id": "VCID-ruzy-eqc8-5ubs", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14378.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14378.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.9111", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91116", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91131", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91144", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.9115", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91158", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91159", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91183", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91184", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91187", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91199", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91198", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06584", "scoring_system": "epss", "scoring_elements": "0.91195", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20815", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20815" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14378" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1734745", "reference_id": "1734745", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1734745" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933741", "reference_id": "933741", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933741" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933742", "reference_id": "933742", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933742" }, { "reference_url": "https://github.com/vishnudevtj/exploits/blob/bdbe2647969150c63ee3b34da5a2deb056e64f0b/qemu/CVE-2019-14378/exp.c", "reference_id": "CVE-2019-14378", "reference_type": "exploit", "scores": [], "url": "https://github.com/vishnudevtj/exploits/blob/bdbe2647969150c63ee3b34da5a2deb056e64f0b/qemu/CVE-2019-14378/exp.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/47320.c", "reference_id": "CVE-2019-14378", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/47320.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3179", "reference_id": "RHSA-2019:3179", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3179" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3403", "reference_id": "RHSA-2019:3403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3494", "reference_id": "RHSA-2019:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3742", "reference_id": "RHSA-2019:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3787", "reference_id": "RHSA-2019:3787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3968", "reference_id": "RHSA-2019:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4344", "reference_id": "RHSA-2019:4344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:4344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0366", "reference_id": "RHSA-2020:0366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0775", "reference_id": "RHSA-2020:0775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0889", "reference_id": "RHSA-2020:0889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1216", "reference_id": "RHSA-2020:1216", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1216" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2065", "reference_id": "RHSA-2020:2065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2065" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2126", "reference_id": "RHSA-2020:2126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2342", "reference_id": "RHSA-2020:2342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2342" }, { "reference_url": "https://usn.ubuntu.com/4191-1/", "reference_id": "USN-4191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-1/" }, { "reference_url": "https://usn.ubuntu.com/4191-2/", "reference_id": "USN-4191-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4191-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036934?format=api", "purl": "pkg:deb/debian/qemu@1:2.8%2Bdfsg-6%2Bdeb9u9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1erd-fd8p-hqch" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-2ywm-rb9g-x3fr" }, { "vulnerability": "VCID-32jy-dr7t-2uas" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3qwz-gg8s-2ugm" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4276-jfy3-h3ck" }, { "vulnerability": "VCID-46n7-vgn3-nffj" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4s1w-v1qs-9uhp" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-56ng-2tm1-5qhk" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-5xgg-2mh6-gfg1" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7w8v-hby8-dya5" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ac7j-emx5-v7cn" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-atzs-876n-byg6" }, { "vulnerability": "VCID-b7v6-247j-kfcs" }, { "vulnerability": "VCID-bbmg-x8h6-67e5" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-bj4j-2yxz-pyeh" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-c834-hdmj-cfe1" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-chjc-4r36-y3f8" }, { "vulnerability": "VCID-cmqc-g49c-wbeq" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-cy79-xgar-eqgr" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-d8cd-qgg7-fyed" }, { "vulnerability": "VCID-dgzy-z4ad-ubc4" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-dthd-mp8z-8ucg" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-ecy5-s73b-n3db" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-f4w9-adpm-tuht" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fp83-zgum-ryb8" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gmvy-m5mq-yycx" }, { "vulnerability": "VCID-gntc-n53u-n3aj" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-hwt1-11ew-sqhv" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jdmp-aggh-ufhy" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-jnxy-g6wu-8ubu" }, { "vulnerability": "VCID-jq6v-ra9m-sqgz" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-km1b-1rvd-q3fa" }, { "vulnerability": "VCID-kvww-v5vg-qbdt" }, { "vulnerability": "VCID-kwra-y7vr-ykdg" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mgn9-kzp9-wke5" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-mzsa-tcqf-effc" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ncpf-ttuc-fqe7" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p1bu-wmxq-27dm" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-q49g-ggaf-cqbt" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qnpg-992x-5kcn" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-rdgu-3kat-j7c6" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-rkxf-jp2j-mqgf" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rxsw-t1ut-rkau" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tsyt-eq3x-5ucy" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-uj5n-mck2-2uen" }, { "vulnerability": "VCID-uryz-5yk9-9fd7" }, { "vulnerability": "VCID-v4eq-3kfm-uug9" }, { "vulnerability": "VCID-v8fp-rzfq-e3bs" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vefc-bfc3-fyg2" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-vxg6-nx6s-6feu" }, { "vulnerability": "VCID-w1je-asqn-fbcr" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-xzmg-gkxx-buau" }, { "vulnerability": "VCID-y16a-n7u8-zfen" }, { "vulnerability": "VCID-yccx-a98b-nfh4" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-z24v-fz53-zubg" }, { "vulnerability": "VCID-z31k-dhbq-k3ed" }, { "vulnerability": "VCID-z4jn-dgcg-x7du" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zfwq-v3sh-kkbp" }, { "vulnerability": "VCID-zjyq-3nyd-k3g9" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:2.8%252Bdfsg-6%252Bdeb9u9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2019-14378" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ruzy-eqc8-5ubs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81468?format=api", "vulnerability_id": "VCID-rvs5-s55e-9ueb", "summary": "qemu: weak signature generation in Pointer Authentication support for ARM", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10702.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10702.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10702", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10467", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10609", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10673", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10536", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10608", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10667", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10681", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1065", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10625", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10489", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10508", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10633", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10582", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1058", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10528", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10702" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809948", "reference_id": "1809948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809948" }, { "reference_url": "https://usn.ubuntu.com/4372-1/", "reference_id": "USN-4372-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4372-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-10702" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rvs5-s55e-9ueb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62352?format=api", "vulnerability_id": "VCID-rz5x-q1ne-53he", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14394.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14394.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14394", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06818", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06901", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06951", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06935", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06989", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0702", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07025", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07014", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07007", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06946", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0693", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07064", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07048", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07052", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07013", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14394" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14394", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14394" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908004", "reference_id": "1908004", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908004" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979677", "reference_id": "979677", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979677" }, { "reference_url": "https://security.gentoo.org/glsa/202408-18", "reference_id": "GLSA-202408-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-18" }, { "reference_url": "https://usn.ubuntu.com/6567-1/", "reference_id": "USN-6567-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6567-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-14394" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rz5x-q1ne-53he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61638?format=api", "vulnerability_id": "VCID-sy57-hngf-d3gn", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13791.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13791.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13791", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3855", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3868", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38702", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38632", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38683", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38692", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38664", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38638", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38686", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38586", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38433", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38408", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38316", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13791" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13791", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13791" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843764", "reference_id": "1843764", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843764" }, { "reference_url": "https://security.gentoo.org/glsa/202011-09", "reference_id": "GLSA-202011-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202011-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-13791" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sy57-hngf-d3gn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80755?format=api", "vulnerability_id": "VCID-t2y3-nbz8-jqa7", "summary": "QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29129.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29129.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50965", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50997", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5103", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51037", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51018", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51043", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51057", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51054", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51097", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51075", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51058", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51103", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51081", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29129" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902231", "reference_id": "1902231", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902231" }, { "reference_url": "https://security.archlinux.org/ASA-202012-7", "reference_id": "ASA-202012-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202012-7" }, { "reference_url": "https://security.archlinux.org/AVG-1305", "reference_id": "AVG-1305", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762", "reference_id": "RHSA-2021:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1762" }, { "reference_url": "https://usn.ubuntu.com/5009-1/", "reference_id": "USN-5009-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5009-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-29129" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t2y3-nbz8-jqa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35375?format=api", "vulnerability_id": "VCID-t44w-g1ys-47e6", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15859.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15859.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15859", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09552", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09537", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30453", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30818", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30654", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30538", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32434", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32465", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32427", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.324", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32436", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32414", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32461", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32562", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32385", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15859" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859168", "reference_id": "1859168", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859168" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965978", "reference_id": "965978", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965978" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4191", "reference_id": "RHSA-2021:4191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4191" }, { "reference_url": "https://usn.ubuntu.com/4725-1/", "reference_id": "USN-4725-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4725-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-15859" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t44w-g1ys-47e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78215?format=api", "vulnerability_id": "VCID-t6cq-kfkw-wbch", "summary": "QEMU: virtio-crypto: heap buffer overflow in virtio_crypto_sym_op_helper()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3180.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3180.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02408", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02307", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02334", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02318", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02304", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02285", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02292", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02387", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02366", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02358", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0231", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3180" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222424", "reference_id": "2222424", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:56:22Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222424" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-3180", "reference_id": "CVE-2023-3180", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:56:22Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-3180" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:56:22Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/", "reference_id": "MURWGXDIF2WTDXV36T6HFJDBL632AO7R", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:56:22Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230831-0008/", "reference_id": "ntap-20230831-0008", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:56:22Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230831-0008/" }, { "reference_url": "https://usn.ubuntu.com/6567-1/", "reference_id": "USN-6567-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6567-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2023-3180" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t6cq-kfkw-wbch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62354?format=api", "vulnerability_id": "VCID-takm-jn93-eqgb", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1050.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1050.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08132", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08192", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08244", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08255", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08266", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08246", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08228", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08123", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08109", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08273", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0825", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08211", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08177", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014589", "reference_id": "1014589", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014589" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069625", "reference_id": "2069625", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069625" }, { "reference_url": "https://security.gentoo.org/glsa/202408-18", "reference_id": "GLSA-202408-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-18" }, { "reference_url": "https://usn.ubuntu.com/6167-1/", "reference_id": "USN-6167-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6167-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2022-1050" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-takm-jn93-eqgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80976?format=api", "vulnerability_id": "VCID-tk7k-71bb-97hh", "summary": "QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25723.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25723.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25723", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10443", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10586", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10647", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10513", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10646", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10659", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10628", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10603", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10469", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10487", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10613", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10562", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10509", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25723" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25723", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25723" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898579", "reference_id": "1898579", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898579" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975276", "reference_id": "975276", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975276" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0648", "reference_id": "RHSA-2021:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0771", "reference_id": "RHSA-2021:0771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0771" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762", "reference_id": "RHSA-2021:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1762" }, { "reference_url": "https://usn.ubuntu.com/4650-1/", "reference_id": "USN-4650-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4650-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-25723" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tk7k-71bb-97hh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35387?format=api", "vulnerability_id": "VCID-tyv8-tzu8-23fj", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24402", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24528", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24563", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24346", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24414", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24474", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2443", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24373", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24388", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24378", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24349", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24225", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24211", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24172", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35517" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1915823", "reference_id": "1915823", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1915823" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980814", "reference_id": "980814", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980814" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0711", "reference_id": "RHSA-2021:0711", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0711" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0743", "reference_id": "RHSA-2021:0743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0743" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-35517" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tyv8-tzu8-23fj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82950?format=api", "vulnerability_id": "VCID-u1wj-9rfp-wyea", "summary": "QEMU: pvrdma: memory leakage when creating cq/qp", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20126.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20126.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29535", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29129", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29423", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29308", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29194", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29602", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29651", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29472", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29573", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29575", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.2953", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29477", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29496", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29469", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20126" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02824.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02824.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2018/12/19/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2018/12/19/4" }, { "reference_url": "http://www.securityfocus.com/bid/106298", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106298" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660751", "reference_id": "1660751", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660751" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20126", "reference_id": "CVE-2018-20126", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20126" }, { "reference_url": "https://usn.ubuntu.com/3923-1/", "reference_id": "USN-3923-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3923-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2018-20126" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1wj-9rfp-wyea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82948?format=api", "vulnerability_id": "VCID-vbq6-qtub-ffbg", "summary": "QEMU: rdma: OOB access when building scatter-gather array", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20124.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20124.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20124", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35716", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35418", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35537", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35505", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35913", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35944", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35775", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35825", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35814", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35791", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.3583", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35818", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35769", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20124" }, { "reference_url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02822.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02822.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2018/12/18/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2018/12/18/2" }, { "reference_url": "http://www.securityfocus.com/bid/106290", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106290" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660372", "reference_id": "1660372", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660372" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922461", "reference_id": "922461", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922461" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20124", "reference_id": "CVE-2018-20124", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20124" }, { "reference_url": "https://usn.ubuntu.com/3923-1/", "reference_id": "USN-3923-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3923-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2018-20124" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbq6-qtub-ffbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80904?format=api", "vulnerability_id": "VCID-vpp8-a7sw-pqef", "summary": "QEMU: usb: hcd-ohci: out-of-bound access issue while processing transfer descriptors", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09846", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09939", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09884", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0996", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10009", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10025", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09984", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09963", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09839", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09808", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09957", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09987", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09953", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09898", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25624" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879801", "reference_id": "1879801", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879801" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970541", "reference_id": "970541", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970541" }, { "reference_url": "https://usn.ubuntu.com/4650-1/", "reference_id": "USN-4650-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4650-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-25624" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vpp8-a7sw-pqef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35425?format=api", "vulnerability_id": "VCID-vpu8-k8me-tfe6", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26354.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26354.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26354", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01502", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01386", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.014", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01485", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01493", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01494", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01408", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01401", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01395", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01396", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04303", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04324", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04333", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04365", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063257", "reference_id": "2063257", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063257" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5002", "reference_id": "RHSA-2022:5002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5263", "reference_id": "RHSA-2022:5263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5821", "reference_id": "RHSA-2022:5821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5821" }, { "reference_url": "https://usn.ubuntu.com/5489-1/", "reference_id": "USN-5489-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5489-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2022-26354" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vpu8-k8me-tfe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35418?format=api", "vulnerability_id": "VCID-vrwy-exwv-vyhr", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20203.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20203.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20203", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08695", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08723", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08771", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08697", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08773", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08799", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08801", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08768", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08752", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08641", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08631", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08784", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08797", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08753", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08756", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20203" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20203", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20203" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922441", "reference_id": "1922441", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922441" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984452", "reference_id": "984452", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984452" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5307-1/", "reference_id": "USN-5307-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5307-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-20203" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vrwy-exwv-vyhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35390?format=api", "vulnerability_id": "VCID-vvaj-skpn-u3ar", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3409.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3409.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16897", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16727", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40602", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40612", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40593", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40573", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.4062", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.4059", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40512", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.4041", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40397", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40316", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.4063", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40552", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3409" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928146", "reference_id": "1928146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928146" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986795", "reference_id": "986795", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986795" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3409" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vvaj-skpn-u3ar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35376?format=api", "vulnerability_id": "VCID-wdjx-9f36-abgu", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15863.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15863.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15863", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13872", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13955", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14011", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13813", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13896", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13905", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13869", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.1382", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31127", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31177", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31158", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30761", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30967", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30845", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15863" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853725", "reference_id": "1853725", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853725" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-15863" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdjx-9f36-abgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61631?format=api", "vulnerability_id": "VCID-wg5b-8smu-b3fm", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10717.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10717.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37232", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37397", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37421", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37249", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.373", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37312", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37323", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.3729", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37262", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37309", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37291", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37238", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37014", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.36982", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.36897", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10717" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10717" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827808", "reference_id": "1827808", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827808" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959746", "reference_id": "959746", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959746" }, { "reference_url": "https://security.gentoo.org/glsa/202011-09", "reference_id": "GLSA-202011-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202011-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-10717" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wg5b-8smu-b3fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35381?format=api", "vulnerability_id": "VCID-wjxf-kgdw-2kau", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16092.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16092.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-16092", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11559", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11685", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11728", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11513", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.116", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1166", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11672", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11635", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11608", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1147", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11472", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11598", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11551", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11512", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1144", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-16092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860283", "reference_id": "1860283", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860283" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5111", "reference_id": "RHSA-2020:5111", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5111" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0346", "reference_id": "RHSA-2021:0346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0347", "reference_id": "RHSA-2021:0347", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0459", "reference_id": "RHSA-2021:0459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0934", "reference_id": "RHSA-2021:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762", "reference_id": "RHSA-2021:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1762" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-16092" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wjxf-kgdw-2kau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4232?format=api", "vulnerability_id": "VCID-wm9d-ymbb-sfdc", "summary": "QEMU: usb: out-of-bounds r/w access issue", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14364.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14364.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14364", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94268", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94277", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94289", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.9429", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94299", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94304", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94308", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94333", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94332", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94309", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94324", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.9433", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.13903", "scoring_system": "epss", "scoring_elements": "0.94329", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.14223", "scoring_system": "epss", "scoring_elements": "0.94409", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15863" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16092" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869201", "reference_id": "1869201", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869201" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968947", "reference_id": "968947", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968947" }, { "reference_url": "https://security.gentoo.org/glsa/202009-14", "reference_id": "GLSA-202009-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202009-14" }, { "reference_url": "https://security.gentoo.org/glsa/202011-09", "reference_id": "GLSA-202011-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202011-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4047", "reference_id": "RHSA-2020:4047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4048", "reference_id": "RHSA-2020:4048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4049", "reference_id": "RHSA-2020:4049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4050", "reference_id": "RHSA-2020:4050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4051", "reference_id": "RHSA-2020:4051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4052", "reference_id": "RHSA-2020:4052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4053", "reference_id": "RHSA-2020:4053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4054", "reference_id": "RHSA-2020:4054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4055", "reference_id": "RHSA-2020:4055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4056", "reference_id": "RHSA-2020:4056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4058", "reference_id": "RHSA-2020:4058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4059", "reference_id": "RHSA-2020:4059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4078", "reference_id": "RHSA-2020:4078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4079", "reference_id": "RHSA-2020:4079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4111", "reference_id": "RHSA-2020:4111", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4111" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4115", "reference_id": "RHSA-2020:4115", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4162", "reference_id": "RHSA-2020:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4167", "reference_id": "RHSA-2020:4167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4172", "reference_id": "RHSA-2020:4172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4172" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4176", "reference_id": "RHSA-2020:4176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4290", "reference_id": "RHSA-2020:4290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4291", "reference_id": "RHSA-2020:4291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4291" }, { "reference_url": "https://usn.ubuntu.com/4467-2/", "reference_id": "USN-4467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-2/" }, { "reference_url": "https://usn.ubuntu.com/4511-1/", "reference_id": "USN-4511-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4511-1/" }, { "reference_url": "https://xenbits.xen.org/xsa/advisory-335.html", "reference_id": "XSA-335", "reference_type": "", "scores": [], "url": "https://xenbits.xen.org/xsa/advisory-335.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-14364", "XSA-335" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wm9d-ymbb-sfdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80784?format=api", "vulnerability_id": "VCID-wyr6-c2nv-p3a2", "summary": "QEMU: ide: atapi: OOB access while processing read commands", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29443.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22657", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22831", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22875", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22666", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22741", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22793", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22815", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22776", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2272", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22736", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22731", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22689", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22529", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2252", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22518", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29443" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917446", "reference_id": "1917446", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917446" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983575", "reference_id": "983575", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762", "reference_id": "RHSA-2021:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1762" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2322", "reference_id": "RHSA-2021:2322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2529", "reference_id": "RHSA-2021:2529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2529" }, { "reference_url": "https://usn.ubuntu.com/4725-1/", "reference_id": "USN-4725-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4725-1/" }, { "reference_url": "https://usn.ubuntu.com/5010-1/", "reference_id": "USN-5010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-29443" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wyr6-c2nv-p3a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80977?format=api", "vulnerability_id": "VCID-x8ue-gf65-uket", "summary": "QEMU: heap buffer overflow in sdhci_sdma_transfer_multi_blocks() in hw/sd/sdhci.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17380.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17380.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-17380", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53606", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53556", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53588", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53571", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53607", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53612", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53595", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53541", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53509", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5356", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55504", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55393", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.5556", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55534", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00326", "scoring_system": "epss", "scoring_elements": "0.55543", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-17380" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17380" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862167", "reference_id": "1862167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862167" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970937", "reference_id": "970937", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970937" }, { "reference_url": "https://usn.ubuntu.com/4650-1/", "reference_id": "USN-4650-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4650-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-17380" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8ue-gf65-uket" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35408?format=api", "vulnerability_id": "VCID-ycrs-vy13-wbff", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3713.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3713.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09598", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09663", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09714", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09622", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09692", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09741", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09753", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09721", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09705", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09595", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09567", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09719", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09677", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994640", "reference_id": "1994640", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992727", "reference_id": "992727", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992727" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://usn.ubuntu.com/5307-1/", "reference_id": "USN-5307-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5307-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3713" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ycrs-vy13-wbff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35417?format=api", "vulnerability_id": "VCID-yt3z-g3w7-xfa5", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4207.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15388", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15427", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15497", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.153", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15438", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.154", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15361", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15307", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15305", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15295", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15211", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15216", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15267", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15932", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036966", "reference_id": "2036966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036966" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5002", "reference_id": "RHSA-2022:5002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5821", "reference_id": "RHSA-2022:5821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5821" }, { "reference_url": "https://usn.ubuntu.com/5489-1/", "reference_id": "USN-5489-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5489-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2021-4207" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yt3z-g3w7-xfa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35422?format=api", "vulnerability_id": "VCID-zf4c-x45c-tudm", "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0358.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0358.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0358", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10785", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1092", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10984", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1081", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10886", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1094", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10885", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10749", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10883", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10844", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10802", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10742", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0358" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26354" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044863", "reference_id": "2044863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044863" }, { "reference_url": "https://security.gentoo.org/glsa/202208-27", "reference_id": "GLSA-202208-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0759", "reference_id": "RHSA-2022:0759", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0759" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0886", "reference_id": "RHSA-2022:0886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0949", "reference_id": "RHSA-2022:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0971", "reference_id": "RHSA-2022:0971", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0971" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0973", "reference_id": "RHSA-2022:0973", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0973" }, { "reference_url": "https://usn.ubuntu.com/5307-1/", "reference_id": "USN-5307-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5307-1/" }, { "reference_url": "https://usn.ubuntu.com/5489-1/", "reference_id": "USN-5489-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5489-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2022-0358" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zf4c-x45c-tudm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61636?format=api", "vulnerability_id": "VCID-zk4y-2xjp-vfcs", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13659.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13659.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13659", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10798", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10933", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10999", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10823", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10898", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10951", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10952", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10919", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10896", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10761", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10774", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10895", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10854", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10813", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10752", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13765" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842496", "reference_id": "1842496", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842496" }, { "reference_url": "https://security.gentoo.org/glsa/202011-09", "reference_id": "GLSA-202011-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202011-09" }, { "reference_url": "https://usn.ubuntu.com/4467-1/", "reference_id": "USN-4467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-1/" }, { "reference_url": "https://usn.ubuntu.com/4467-2/", "reference_id": "USN-4467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4467-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037820?format=api", "purl": "pkg:deb/debian/qemu@1:3.1%2Bdfsg-8%2Bdeb10u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-145f-vwpy-ukfg" }, { "vulnerability": "VCID-14d3-jbv3-xbbe" }, { "vulnerability": "VCID-1g7f-6q39-fyhx" }, { "vulnerability": "VCID-28wt-9aqz-xqbg" }, { "vulnerability": "VCID-29bt-r6ya-jfhu" }, { "vulnerability": "VCID-29d8-uet3-syfh" }, { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3wee-2xay-r7bt" }, { "vulnerability": "VCID-4848-dnv8-bqez" }, { "vulnerability": "VCID-4d66-e766-q7ch" }, { "vulnerability": "VCID-4unz-8jyy-qfdc" }, { "vulnerability": "VCID-5t1d-ve8h-9ba1" }, { "vulnerability": "VCID-5ur6-6ec3-p7bt" }, { "vulnerability": "VCID-6ef4-c38a-j7ca" }, { "vulnerability": "VCID-6fs3-3a9w-xycq" }, { "vulnerability": "VCID-6hqu-ecs5-zqeb" }, { "vulnerability": "VCID-6pkj-axqp-duf1" }, { "vulnerability": "VCID-6xcc-y2jp-nufx" }, { "vulnerability": "VCID-7mhs-m1r3-n3ag" }, { "vulnerability": "VCID-7w6v-ewcn-kkdz" }, { "vulnerability": "VCID-7zkh-xs1s-guh6" }, { "vulnerability": "VCID-8cnu-b5en-7ye3" }, { "vulnerability": "VCID-8jjd-u5mc-zbde" }, { "vulnerability": "VCID-8kzh-2gr5-e7gu" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-93gr-c812-uud8" }, { "vulnerability": "VCID-955d-q41q-4uau" }, { "vulnerability": "VCID-9rpr-g2sm-yqb6" }, { "vulnerability": "VCID-ap2r-g7ew-kqed" }, { "vulnerability": "VCID-bcps-uatt-wkd7" }, { "vulnerability": "VCID-be1r-pq33-abg5" }, { "vulnerability": "VCID-br4x-bpvj-puhr" }, { "vulnerability": "VCID-burb-pa38-fqhw" }, { "vulnerability": "VCID-c4ky-b4y8-kqd5" }, { "vulnerability": "VCID-cgq2-b6my-eucg" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d6gd-j7ks-xkgk" }, { "vulnerability": "VCID-dqbd-gqg9-2kgs" }, { "vulnerability": "VCID-drqf-646q-xqf3" }, { "vulnerability": "VCID-e99n-gc79-cqcy" }, { "vulnerability": "VCID-eb18-wa2w-q7bn" }, { "vulnerability": "VCID-een8-8kc5-qfcx" }, { "vulnerability": "VCID-egyg-bbm9-8qea" }, { "vulnerability": "VCID-eqp6-raqc-dkch" }, { "vulnerability": "VCID-ewsp-7ydm-5ub3" }, { "vulnerability": "VCID-ezm8-pq4d-mkhg" }, { "vulnerability": "VCID-f2fx-sqtp-8yhe" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-ffd9-9wm1-rffs" }, { "vulnerability": "VCID-fucx-q3j9-qkat" }, { "vulnerability": "VCID-gqtx-g1cs-6ybn" }, { "vulnerability": "VCID-h22r-c3az-3fa3" }, { "vulnerability": "VCID-h5sc-3zrc-23dn" }, { "vulnerability": "VCID-hq1b-c1ew-kkga" }, { "vulnerability": "VCID-hrhp-htnd-7bbx" }, { "vulnerability": "VCID-j11x-bba3-zkdj" }, { "vulnerability": "VCID-j1gy-ttz5-1yct" }, { "vulnerability": "VCID-j6hs-wm45-s3ej" }, { "vulnerability": "VCID-jmca-kswb-1beq" }, { "vulnerability": "VCID-juek-f6et-x7eb" }, { "vulnerability": "VCID-ke54-4uc4-rkbs" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-mn7m-an9j-yucj" }, { "vulnerability": "VCID-nb4k-f7rm-kuhg" }, { "vulnerability": "VCID-ne4d-zj65-qkgx" }, { "vulnerability": "VCID-nuwe-tupt-wfhg" }, { "vulnerability": "VCID-p2we-9qfu-17eb" }, { "vulnerability": "VCID-phfy-zv23-sqcr" }, { "vulnerability": "VCID-q38v-9gvs-sydf" }, { "vulnerability": "VCID-qejd-5dkk-muhc" }, { "vulnerability": "VCID-qn73-3gkb-rkbm" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-r47h-wdgy-7bga" }, { "vulnerability": "VCID-r51r-u7mq-93cy" }, { "vulnerability": "VCID-re83-uvh8-5bgq" }, { "vulnerability": "VCID-ruzy-eqc8-5ubs" }, { "vulnerability": "VCID-rvs5-s55e-9ueb" }, { "vulnerability": "VCID-rz5x-q1ne-53he" }, { "vulnerability": "VCID-sy57-hngf-d3gn" }, { "vulnerability": "VCID-t2y3-nbz8-jqa7" }, { "vulnerability": "VCID-t44w-g1ys-47e6" }, { "vulnerability": "VCID-t6cq-kfkw-wbch" }, { "vulnerability": "VCID-takm-jn93-eqgb" }, { "vulnerability": "VCID-tk7k-71bb-97hh" }, { "vulnerability": "VCID-tyv8-tzu8-23fj" }, { "vulnerability": "VCID-u1wj-9rfp-wyea" }, { "vulnerability": "VCID-vbq6-qtub-ffbg" }, { "vulnerability": "VCID-vpp8-a7sw-pqef" }, { "vulnerability": "VCID-vpu8-k8me-tfe6" }, { "vulnerability": "VCID-vrwy-exwv-vyhr" }, { "vulnerability": "VCID-vvaj-skpn-u3ar" }, { "vulnerability": "VCID-wdjx-9f36-abgu" }, { "vulnerability": "VCID-wg5b-8smu-b3fm" }, { "vulnerability": "VCID-wjxf-kgdw-2kau" }, { "vulnerability": "VCID-wm9d-ymbb-sfdc" }, { "vulnerability": "VCID-wyr6-c2nv-p3a2" }, { "vulnerability": "VCID-x8ue-gf65-uket" }, { "vulnerability": "VCID-ycrs-vy13-wbff" }, { "vulnerability": "VCID-yt3z-g3w7-xfa5" }, { "vulnerability": "VCID-zf4c-x45c-tudm" }, { "vulnerability": "VCID-zk4y-2xjp-vfcs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:3.1%252Bdfsg-8%252Bdeb10u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/994909?format=api", "purl": "pkg:deb/debian/qemu@1:5.2%2Bdfsg-11%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ew5-8dfe-u3d8" }, { "vulnerability": "VCID-3kyg-9mf3-kfft" }, { "vulnerability": "VCID-46gg-8h8g-2kf5" }, { "vulnerability": "VCID-4mt9-kf9m-2fbz" }, { "vulnerability": "VCID-6qnt-yaa3-p3bb" }, { "vulnerability": "VCID-91y7-ceje-jbd3" }, { "vulnerability": "VCID-cenj-mz55-jbg6" }, { "vulnerability": "VCID-cnyg-wvxr-gqg3" }, { "vulnerability": "VCID-d2ve-dnmj-4bbz" }, { "vulnerability": "VCID-ej5p-r4az-6ud2" }, { "vulnerability": "VCID-ewb7-nrtu-g7ex" }, { "vulnerability": "VCID-f4sq-73vu-sfdq" }, { "vulnerability": "VCID-gc6n-kgsc-f3b6" }, { "vulnerability": "VCID-kx81-eex4-hug8" }, { "vulnerability": "VCID-m47q-17n6-t7gg" }, { "vulnerability": "VCID-mtj9-1cns-yybw" }, { "vulnerability": "VCID-n71j-fz74-kyhf" }, { "vulnerability": "VCID-p2dz-mtns-5bb4" }, { "vulnerability": "VCID-ptty-88p4-ybe9" }, { "vulnerability": "VCID-pxjg-chmx-nkdc" }, { "vulnerability": "VCID-qh2s-apkz-sbaz" }, { "vulnerability": "VCID-qs61-1esc-c3cz" }, { "vulnerability": "VCID-t58m-9jqp-43c9" }, { "vulnerability": "VCID-t5gq-4bhn-gkej" }, { "vulnerability": "VCID-uzxc-npak-yyc4" }, { "vulnerability": "VCID-w7gc-1eh2-3ufu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" } ], "aliases": [ "CVE-2020-13659" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zk4y-2xjp-vfcs" } ], "risk_score": "3.7", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/qemu@1:5.2%252Bdfsg-11%252Bdeb11u3" }