Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/995126?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "type": "deb", "namespace": "debian", "name": "glibc", "version": "2.36-8", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.40-5", "latest_non_vulnerable_version": "2.42-15", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64138?format=api", "vulnerability_id": "VCID-3e43-r92j-hkd3", "summary": "glibc: glibc: Incorrect DNS response parsing via crafted DNS server response", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4437.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4437.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4437", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.143", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14246", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14208", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14151", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14042", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14041", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15551", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15496", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15514", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15552", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16379", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16517", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16579", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4437" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131435", "reference_id": "1131435", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131435" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449777", "reference_id": "2449777", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7316", "reference_id": "RHSA-2026:7316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7316" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=34014", "reference_id": "show_bug.cgi?id=34014", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-23T15:10:34Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=34014" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1089418?format=api", "purl": "pkg:deb/debian/glibc@2.36-9%2Bdeb12u14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14" }, { "url": "http://public2.vulnerablecode.io/api/packages/1089419?format=api", "purl": "pkg:deb/debian/glibc@2.41-12%2Bdeb13u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026161?format=api", "purl": "pkg:deb/debian/glibc@2.40-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.40-5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026163?format=api", "purl": "pkg:deb/debian/glibc@2.42-10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054641?format=api", "purl": "pkg:deb/debian/glibc@2.42-14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-us68-psx5-zude" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14" } ], "aliases": [ "CVE-2026-4437" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3e43-r92j-hkd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34315?format=api", "vulnerability_id": "VCID-9nqp-tfvr-ayen", "summary": "Multiple vulnerabilities in glibc could result in Local Privilege Escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4806.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4806.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01895", "scoring_system": "epss", "scoring_elements": "0.8321", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01895", "scoring_system": "epss", "scoring_elements": "0.83156", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01895", "scoring_system": "epss", "scoring_elements": "0.83243", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01895", "scoring_system": "epss", "scoring_elements": "0.83242", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01895", "scoring_system": "epss", "scoring_elements": "0.8317", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01895", "scoring_system": "epss", "scoring_elements": "0.83168", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01895", "scoring_system": "epss", "scoring_elements": "0.83193", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01895", "scoring_system": "epss", "scoring_elements": "0.832", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01895", "scoring_system": "epss", "scoring_elements": "0.83216", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01895", "scoring_system": "epss", "scoring_elements": "0.83206", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01947", "scoring_system": "epss", "scoring_elements": "0.8352", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01947", "scoring_system": "epss", "scoring_elements": "0.83488", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01947", "scoring_system": "epss", "scoring_elements": "0.83511", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01947", "scoring_system": "epss", "scoring_elements": "0.83518", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237782", "reference_id": "2237782", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237782" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8", "reference_id": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-4806", "reference_id": "CVE-2023-4806", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-4806" }, { "reference_url": "https://security.gentoo.org/glsa/202310-03", "reference_id": "GLSA-202310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202310-03" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2024:2413", "reference_id": "RHBA-2024:2413", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/" } ], "url": "https://access.redhat.com/errata/RHBA-2024:2413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5453", "reference_id": "RHSA-2023:5453", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:5453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5455", "reference_id": "RHSA-2023:5455", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:5455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7409", "reference_id": "RHSA-2023:7409", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2023:7409" }, { "reference_url": "https://usn.ubuntu.com/6541-1/", "reference_id": "USN-6541-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6541-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" } ], "aliases": [ "CVE-2023-4806" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9nqp-tfvr-ayen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43044?format=api", "vulnerability_id": "VCID-d5xx-af6p-2fhn", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4802.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13003", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13031", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13033", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.1313", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13135", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13105", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13319", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13117", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13198", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13249", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13218", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13181", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13129", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4802" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367468", "reference_id": "2367468", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367468" }, { "reference_url": "https://security.gentoo.org/glsa/202509-04", "reference_id": "GLSA-202509-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-04" }, { "reference_url": "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e", "reference_id": "?id=1e18586c5820e329f741d5c710275e165581380e", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T13:47:23Z/" } ], "url": "https://sourceware.org/cgit/glibc/commit/?id=1e18586c5820e329f741d5c710275e165581380e" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10219", "reference_id": "RHSA-2025:10219", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10220", "reference_id": "RHSA-2025:10220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10220" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10294", "reference_id": "RHSA-2025:10294", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11487", "reference_id": "RHSA-2025:11487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8655", "reference_id": "RHSA-2025:8655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8686", "reference_id": "RHSA-2025:8686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9028", "reference_id": "RHSA-2025:9028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9336", "reference_id": "RHSA-2025:9336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9725", "reference_id": "RHSA-2025:9725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9750", "reference_id": "RHSA-2025:9750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9750" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32976", "reference_id": "show_bug.cgi?id=32976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-20T13:47:23Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32976" }, { "reference_url": "https://usn.ubuntu.com/7541-1/", "reference_id": "USN-7541-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7541-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" } ], "aliases": [ "CVE-2025-4802" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d5xx-af6p-2fhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79622?format=api", "vulnerability_id": "VCID-jswq-6ru6-wybc", "summary": "glibc: potential use-after-free in gaih_inet()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4813.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4813.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4813", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53635", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53604", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53655", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53653", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53702", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53685", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53668", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53706", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53711", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53693", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00304", "scoring_system": "epss", "scoring_elements": "0.53633", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-4813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4813" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237798", "reference_id": "2237798", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237798" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5453", "reference_id": "RHSA-2023:5453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5455", "reference_id": "RHSA-2023:5455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7409", "reference_id": "RHSA-2023:7409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7409" }, { "reference_url": "https://usn.ubuntu.com/6541-1/", "reference_id": "USN-6541-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6541-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" } ], "aliases": [ "CVE-2023-4813" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jswq-6ru6-wybc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43045?format=api", "vulnerability_id": "VCID-kukb-s61t-pbc3", "summary": "Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8058.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8058.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01212", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01131", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.012", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01205", "published_at": "2026-04-29T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00675", "published_at": "2026-04-02T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00668", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00933", "published_at": "2026-04-09T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00936", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00917", "published_at": "2026-04-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00914", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00921", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00916", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8058" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109803", "reference_id": "1109803", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109803" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383146", "reference_id": "2383146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383146" }, { "reference_url": "https://security.gentoo.org/glsa/202509-04", "reference_id": "GLSA-202509-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-04" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f", "reference_id": "?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T20:07:48Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12748", "reference_id": "RHSA-2025:12748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12980", "reference_id": "RHSA-2025:12980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13240", "reference_id": "RHSA-2025:13240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13335", "reference_id": "RHSA-2025:13335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13622", "reference_id": "RHSA-2025:13622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14186", "reference_id": "RHSA-2025:14186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22529", "reference_id": "RHSA-2025:22529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22529" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33185", "reference_id": "show_bug.cgi?id=33185", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-23T20:07:48Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33185" }, { "reference_url": "https://usn.ubuntu.com/7760-1/", "reference_id": "USN-7760-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7760-1/" }, { "reference_url": "https://usn.ubuntu.com/8005-1/", "reference_id": "USN-8005-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8005-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" } ], "aliases": [ "CVE-2025-8058" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kukb-s61t-pbc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64137?format=api", "vulnerability_id": "VCID-nwfb-xnks-1kg7", "summary": "glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4438.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4438.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4438", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07331", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08485", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08511", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08566", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08753", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08731", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08716", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08605", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08593", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09727", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09736", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09694", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09769", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4438" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131887", "reference_id": "1131887", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131887" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449783", "reference_id": "2449783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7316", "reference_id": "RHSA-2026:7316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7316" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=34015", "reference_id": "show_bug.cgi?id=34015", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T15:06:13Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=34015" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1089418?format=api", "purl": "pkg:deb/debian/glibc@2.36-9%2Bdeb12u14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14" }, { "url": "http://public2.vulnerablecode.io/api/packages/1089419?format=api", "purl": "pkg:deb/debian/glibc@2.41-12%2Bdeb13u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026161?format=api", "purl": "pkg:deb/debian/glibc@2.40-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.40-5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026163?format=api", "purl": "pkg:deb/debian/glibc@2.42-10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054641?format=api", "purl": "pkg:deb/debian/glibc@2.42-14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-us68-psx5-zude" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-14" } ], "aliases": [ "CVE-2026-4438" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwfb-xnks-1kg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64957?format=api", "vulnerability_id": "VCID-ssnc-wdcf-sfc9", "summary": "glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15281.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15281.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21392", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2108", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21233", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21102", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21104", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21446", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21197", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21277", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21339", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21307", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21253", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21246", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21256", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-15281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15281" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126266", "reference_id": "1126266", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126266" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431196", "reference_id": "2431196", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2786", "reference_id": "RHSA-2026:2786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4501", "reference_id": "RHSA-2026:4501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4655", "reference_id": "RHSA-2026:4655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4772", "reference_id": "RHSA-2026:4772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5606", "reference_id": "RHSA-2026:5606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7316", "reference_id": "RHSA-2026:7316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7316" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33814", "reference_id": "show_bug.cgi?id=33814", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-22T19:21:34Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33814" }, { "reference_url": "https://usn.ubuntu.com/8005-1/", "reference_id": "USN-8005-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8005-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1089418?format=api", "purl": "pkg:deb/debian/glibc@2.36-9%2Bdeb12u14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14" }, { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026161?format=api", "purl": "pkg:deb/debian/glibc@2.40-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.40-5" } ], "aliases": [ "CVE-2025-15281" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssnc-wdcf-sfc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64994?format=api", "vulnerability_id": "VCID-tcpv-4crc-zuap", "summary": "glibc: glibc: Information disclosure via zero-valued network query", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0915.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0915.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05581", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05837", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0576", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05792", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05829", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05618", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05616", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05655", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05681", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05653", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05645", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05638", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05592", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05605", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0915" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125748", "reference_id": "1125748", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125748" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430201", "reference_id": "2430201", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1334", "reference_id": "RHSA-2026:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2786", "reference_id": "RHSA-2026:2786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4501", "reference_id": "RHSA-2026:4501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4655", "reference_id": "RHSA-2026:4655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4772", "reference_id": "RHSA-2026:4772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5606", "reference_id": "RHSA-2026:5606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7316", "reference_id": "RHSA-2026:7316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7316" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33802", "reference_id": "show_bug.cgi?id=33802", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-20T16:03:19Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33802" }, { "reference_url": "https://usn.ubuntu.com/8005-1/", "reference_id": "USN-8005-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8005-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1089418?format=api", "purl": "pkg:deb/debian/glibc@2.36-9%2Bdeb12u14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14" }, { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026161?format=api", "purl": "pkg:deb/debian/glibc@2.40-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.40-5" } ], "aliases": [ "CVE-2026-0915" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tcpv-4crc-zuap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63927?format=api", "vulnerability_id": "VCID-us68-psx5-zude", "summary": "glibc: glibc: Denial of Service via iconv() function with specific character sets", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4046.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4046.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4046", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12268", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13212", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13337", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13343", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13316", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14041", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14151", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14042", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14246", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.143", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14208", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16379", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4046" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4046", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4046" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132499", "reference_id": "1132499", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132499" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453117", "reference_id": "2453117", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453117" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0007;hb=HEAD", "reference_id": "GLIBC-SA-2026-0007;hb=HEAD", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T17:33:59Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0007;hb=HEAD" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12740", "reference_id": "RHSA-2026:12740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12740" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33980", "reference_id": "show_bug.cgi?id=33980", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T17:33:59Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33980" }, { "reference_url": "https://inbox.sourceware.org/libc-announce/76814edf-cf7f-47ec-979d-2dce0a2c76bf@gotplt.org/T/#u", "reference_id": "#u", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-30T17:33:59Z/" } ], "url": "https://inbox.sourceware.org/libc-announce/76814edf-cf7f-47ec-979d-2dce0a2c76bf@gotplt.org/T/#u" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1089418?format=api", "purl": "pkg:deb/debian/glibc@2.36-9%2Bdeb12u14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14" }, { "url": "http://public2.vulnerablecode.io/api/packages/1089419?format=api", "purl": "pkg:deb/debian/glibc@2.41-12%2Bdeb13u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026161?format=api", "purl": "pkg:deb/debian/glibc@2.40-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.40-5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026163?format=api", "purl": "pkg:deb/debian/glibc@2.42-10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-10" }, { "url": "http://public2.vulnerablecode.io/api/packages/1072971?format=api", "purl": "pkg:deb/debian/glibc@2.42-15", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-15" } ], "aliases": [ "CVE-2026-4046" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-us68-psx5-zude" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61864?format=api", "vulnerability_id": "VCID-ys5d-7xgp-w7g5", "summary": "A vulnerability has been discovered in glibc, which can lead to execution of arbitrary code..", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0395.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0395.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21899", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2174", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21798", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21808", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21768", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21711", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21718", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21685", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.21942", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.21929", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.21955", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0395" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceware.org/pipermail/libc-announce/2025/000044.html", "reference_id": "000044.html", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://sourceware.org/pipermail/libc-announce/2025/000044.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339460", "reference_id": "2339460", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339460" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2025/01/22/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2025/01/22/4" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001", "reference_id": "GLIBC-SA-2025-0001", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0001" }, { "reference_url": "https://security.gentoo.org/glsa/202505-06", "reference_id": "GLSA-202505-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3828", "reference_id": "RHSA-2025:3828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4241", "reference_id": "RHSA-2025:4241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4242", "reference_id": "RHSA-2025:4242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4243", "reference_id": "RHSA-2025:4243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4244", "reference_id": "RHSA-2025:4244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4244" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32582", "reference_id": "show_bug.cgi?id=32582", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-04T20:45:32Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32582" }, { "reference_url": "https://usn.ubuntu.com/7259-1/", "reference_id": "USN-7259-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7259-1/" }, { "reference_url": "https://usn.ubuntu.com/7259-2/", "reference_id": "USN-7259-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7259-2/" }, { "reference_url": "https://usn.ubuntu.com/7259-3/", "reference_id": "USN-7259-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7259-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" } ], "aliases": [ "CVE-2025-0395" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ys5d-7xgp-w7g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65000?format=api", "vulnerability_id": "VCID-zn6t-3mvb-wufm", "summary": "glibc: Integer overflow in memalign leads to heap corruption", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.0115", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01173", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01152", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01156", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01144", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01226", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.0123", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01237", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01231", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01157", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01166", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01172", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01159", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0861" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125678", "reference_id": "1125678", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125678" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429771", "reference_id": "2429771", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429771" }, { "reference_url": "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0001", "reference_id": "GLIBC-SA-2026-0001", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:55Z/" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-14T21:24:01Z/" } ], "url": "https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1334", "reference_id": "RHSA-2026:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2786", "reference_id": "RHSA-2026:2786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3228", "reference_id": "RHSA-2026:3228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4501", "reference_id": "RHSA-2026:4501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4655", "reference_id": "RHSA-2026:4655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4943", "reference_id": "RHSA-2026:4943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5606", "reference_id": "RHSA-2026:5606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7316", "reference_id": "RHSA-2026:7316", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7316" }, { "reference_url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33796", "reference_id": "show_bug.cgi?id=33796", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:55Z/" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-01-14T21:24:01Z/" } ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33796" }, { "reference_url": "https://usn.ubuntu.com/8005-1/", "reference_id": "USN-8005-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8005-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1089418?format=api", "purl": "pkg:deb/debian/glibc@2.36-9%2Bdeb12u14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14" }, { "url": "http://public2.vulnerablecode.io/api/packages/995126?format=api", "purl": "pkg:deb/debian/glibc@2.36-8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026161?format=api", "purl": "pkg:deb/debian/glibc@2.40-5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.40-5" } ], "aliases": [ "CVE-2026-0861" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zn6t-3mvb-wufm" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-8" }