Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.2.2-1.Final_redhat_00002.1.ep7?arch=el7
Typerpm
Namespaceredhat
Nameeap7-log4j-jboss-logmanager
Version1.2.2-1.Final_redhat_00002.1.ep7
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1vfk-arae-ubha
vulnerability_id VCID-1vfk-arae-ubha
summary 
Deserialization of Untrusted Data in Log4j 1.x
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23302.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23302.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23302
reference_id
reference_type
scores
0
value 0.00647
scoring_system epss
scoring_elements 0.7078
published_at 2026-04-12T12:55:00Z
1
value 0.00647
scoring_system epss
scoring_elements 0.70794
published_at 2026-04-21T12:55:00Z
2
value 0.00647
scoring_system epss
scoring_elements 0.70817
published_at 2026-04-18T12:55:00Z
3
value 0.00647
scoring_system epss
scoring_elements 0.7081
published_at 2026-04-16T12:55:00Z
4
value 0.00647
scoring_system epss
scoring_elements 0.70765
published_at 2026-04-13T12:55:00Z
5
value 0.00647
scoring_system epss
scoring_elements 0.70718
published_at 2026-04-02T12:55:00Z
6
value 0.00647
scoring_system epss
scoring_elements 0.70737
published_at 2026-04-04T12:55:00Z
7
value 0.00647
scoring_system epss
scoring_elements 0.70713
published_at 2026-04-07T12:55:00Z
8
value 0.00647
scoring_system epss
scoring_elements 0.70758
published_at 2026-04-08T12:55:00Z
9
value 0.00647
scoring_system epss
scoring_elements 0.70774
published_at 2026-04-09T12:55:00Z
10
value 0.00647
scoring_system epss
scoring_elements 0.70796
published_at 2026-04-11T12:55:00Z
11
value 0.00785
scoring_system epss
scoring_elements 0.73859
published_at 2026-04-29T12:55:00Z
12
value 0.00785
scoring_system epss
scoring_elements 0.7385
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23302
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23302
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23302
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/logging-log4j1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j1
5
reference_url https://lists.apache.org/thread/bsr3l5qz4g0myrjhy9h67bcxodpkwj4w
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/bsr3l5qz4g0myrjhy9h67bcxodpkwj4w
6
reference_url https://logging.apache.org/log4j/1.2/index.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://logging.apache.org/log4j/1.2/index.html
7
reference_url https://security.netapp.com/advisory/ntap-20220217-0006
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220217-0006
8
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
9
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
10
reference_url http://www.openwall.com/lists/oss-security/2022/01/18/3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/01/18/3
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
reference_id 1004482
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2041949
reference_id 2041949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2041949
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23302
reference_id CVE-2022-23302
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23302
14
reference_url https://www.vicarius.io/vsociety/posts/cve-2022-23302-detect-log4j-1217-vulnerability
reference_id CVE-2022-23302-DETECT-LOG4J-1217-VULNERABILITY
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2022-23302-detect-log4j-1217-vulnerability
15
reference_url https://www.vicarius.io/vsociety/posts/cve-2022-23302-mitigate-log4j-1217-vulnerability
reference_id CVE-2022-23302-MITIGATE-LOG4J-1217-VULNERABILITY
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2022-23302-mitigate-log4j-1217-vulnerability
16
reference_url https://github.com/advisories/GHSA-w9p3-5cr8-m3jj
reference_id GHSA-w9p3-5cr8-m3jj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w9p3-5cr8-m3jj
17
reference_url https://security.gentoo.org/glsa/202402-16
reference_id GLSA-202402-16
reference_type
scores
url https://security.gentoo.org/glsa/202402-16
18
reference_url https://access.redhat.com/errata/RHSA-2022:0289
reference_id RHSA-2022:0289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0289
19
reference_url https://access.redhat.com/errata/RHSA-2022:0290
reference_id RHSA-2022:0290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0290
20
reference_url https://access.redhat.com/errata/RHSA-2022:0291
reference_id RHSA-2022:0291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0291
21
reference_url https://access.redhat.com/errata/RHSA-2022:0294
reference_id RHSA-2022:0294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0294
22
reference_url https://access.redhat.com/errata/RHSA-2022:0430
reference_id RHSA-2022:0430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0430
23
reference_url https://access.redhat.com/errata/RHSA-2022:0435
reference_id RHSA-2022:0435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0435
24
reference_url https://access.redhat.com/errata/RHSA-2022:0436
reference_id RHSA-2022:0436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0436
25
reference_url https://access.redhat.com/errata/RHSA-2022:0437
reference_id RHSA-2022:0437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0437
26
reference_url https://access.redhat.com/errata/RHSA-2022:0438
reference_id RHSA-2022:0438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0438
27
reference_url https://access.redhat.com/errata/RHSA-2022:0439
reference_id RHSA-2022:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0439
28
reference_url https://access.redhat.com/errata/RHSA-2022:0442
reference_id RHSA-2022:0442
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0442
29
reference_url https://access.redhat.com/errata/RHSA-2022:0444
reference_id RHSA-2022:0444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0444
30
reference_url https://access.redhat.com/errata/RHSA-2022:0445
reference_id RHSA-2022:0445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0445
31
reference_url https://access.redhat.com/errata/RHSA-2022:0446
reference_id RHSA-2022:0446
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0446
32
reference_url https://access.redhat.com/errata/RHSA-2022:0447
reference_id RHSA-2022:0447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0447
33
reference_url https://access.redhat.com/errata/RHSA-2022:0448
reference_id RHSA-2022:0448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0448
34
reference_url https://access.redhat.com/errata/RHSA-2022:0449
reference_id RHSA-2022:0449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0449
35
reference_url https://access.redhat.com/errata/RHSA-2022:0450
reference_id RHSA-2022:0450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0450
36
reference_url https://access.redhat.com/errata/RHSA-2022:0467
reference_id RHSA-2022:0467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0467
37
reference_url https://access.redhat.com/errata/RHSA-2022:0469
reference_id RHSA-2022:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0469
38
reference_url https://access.redhat.com/errata/RHSA-2022:0475
reference_id RHSA-2022:0475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0475
39
reference_url https://access.redhat.com/errata/RHSA-2022:0497
reference_id RHSA-2022:0497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0497
40
reference_url https://access.redhat.com/errata/RHSA-2022:0507
reference_id RHSA-2022:0507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0507
41
reference_url https://access.redhat.com/errata/RHSA-2022:0524
reference_id RHSA-2022:0524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0524
42
reference_url https://access.redhat.com/errata/RHSA-2022:0527
reference_id RHSA-2022:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0527
43
reference_url https://access.redhat.com/errata/RHSA-2022:0553
reference_id RHSA-2022:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0553
44
reference_url https://access.redhat.com/errata/RHSA-2022:0661
reference_id RHSA-2022:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0661
45
reference_url https://access.redhat.com/errata/RHSA-2022:1296
reference_id RHSA-2022:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1296
46
reference_url https://access.redhat.com/errata/RHSA-2022:1297
reference_id RHSA-2022:1297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1297
47
reference_url https://access.redhat.com/errata/RHSA-2022:1299
reference_id RHSA-2022:1299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1299
48
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
49
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
50
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
51
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
52
reference_url https://usn.ubuntu.com/5998-1/
reference_id USN-5998-1
reference_type
scores
url https://usn.ubuntu.com/5998-1/
53
reference_url https://usn.ubuntu.com/7590-1/
reference_id USN-7590-1
reference_type
scores
url https://usn.ubuntu.com/7590-1/
fixed_packages
aliases CVE-2022-23302, GHSA-w9p3-5cr8-m3jj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1vfk-arae-ubha
1
url VCID-698m-2hju-2qcv
vulnerability_id VCID-698m-2hju-2qcv
summary 
Deserialization of Untrusted Data
JMSAppender in Log4j is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide `TopicBindingName` and `TopicConnectionFactoryBindingName` configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j when specifically configured to use JMSAppender, which is not the default. Apache Log4j reached end of life in August Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4104.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4104.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4104
reference_id
reference_type
scores
0
value 0.69284
scoring_system epss
scoring_elements 0.98635
published_at 2026-04-02T12:55:00Z
1
value 0.69284
scoring_system epss
scoring_elements 0.98653
published_at 2026-04-21T12:55:00Z
2
value 0.69284
scoring_system epss
scoring_elements 0.98651
published_at 2026-04-16T12:55:00Z
3
value 0.69284
scoring_system epss
scoring_elements 0.98644
published_at 2026-04-09T12:55:00Z
4
value 0.69284
scoring_system epss
scoring_elements 0.98643
published_at 2026-04-08T12:55:00Z
5
value 0.69284
scoring_system epss
scoring_elements 0.98641
published_at 2026-04-07T12:55:00Z
6
value 0.69284
scoring_system epss
scoring_elements 0.98639
published_at 2026-04-04T12:55:00Z
7
value 0.69284
scoring_system epss
scoring_elements 0.98648
published_at 2026-04-13T12:55:00Z
8
value 0.69284
scoring_system epss
scoring_elements 0.98633
published_at 2026-04-01T12:55:00Z
9
value 0.69284
scoring_system epss
scoring_elements 0.98647
published_at 2026-04-12T12:55:00Z
10
value 0.69284
scoring_system epss
scoring_elements 0.98646
published_at 2026-04-11T12:55:00Z
11
value 0.72202
scoring_system epss
scoring_elements 0.98761
published_at 2026-04-24T12:55:00Z
12
value 0.72202
scoring_system epss
scoring_elements 0.98762
published_at 2026-04-26T12:55:00Z
13
value 0.72202
scoring_system epss
scoring_elements 0.98765
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4104
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/logging-log4j2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j2
5
reference_url https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126
6
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033
7
reference_url https://security.gentoo.org/glsa/202209-02
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202209-02
8
reference_url https://security.gentoo.org/glsa/202310-16
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-16
9
reference_url https://security.gentoo.org/glsa/202312-04
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202312-04
10
reference_url https://security.netapp.com/advisory/ntap-20211223-0007
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211223-0007
11
reference_url https://security.netapp.com/advisory/ntap-20211223-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20211223-0007/
12
reference_url https://www.cve.org/CVERecord?id=CVE-2021-44228
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cve.org/CVERecord?id=CVE-2021-44228
13
reference_url https://www.kb.cert.org/vuls/id/930724
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.kb.cert.org/vuls/id/930724
14
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
15
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
16
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
17
reference_url http://www.openwall.com/lists/oss-security/2022/01/18/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/01/18/3
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2031667
reference_id 2031667
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2031667
19
reference_url https://access.redhat.com/security/cve/CVE-2021-4104
reference_id CVE-2021-4104
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2021-4104
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-4104
reference_id CVE-2021-4104
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-4104
21
reference_url https://github.com/advisories/GHSA-fp5r-v3w9-4333
reference_id GHSA-fp5r-v3w9-4333
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fp5r-v3w9-4333
22
reference_url https://security.gentoo.org/glsa/202312-02
reference_id GLSA-202312-02
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202312-02
23
reference_url https://access.redhat.com/errata/RHSA-2021:5107
reference_id RHSA-2021:5107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5107
24
reference_url https://access.redhat.com/errata/RHSA-2021:5141
reference_id RHSA-2021:5141
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5141
25
reference_url https://access.redhat.com/errata/RHSA-2021:5148
reference_id RHSA-2021:5148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5148
26
reference_url https://access.redhat.com/errata/RHSA-2021:5183
reference_id RHSA-2021:5183
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5183
27
reference_url https://access.redhat.com/errata/RHSA-2021:5184
reference_id RHSA-2021:5184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5184
28
reference_url https://access.redhat.com/errata/RHSA-2021:5186
reference_id RHSA-2021:5186
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5186
29
reference_url https://access.redhat.com/errata/RHSA-2021:5206
reference_id RHSA-2021:5206
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5206
30
reference_url https://access.redhat.com/errata/RHSA-2021:5269
reference_id RHSA-2021:5269
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5269
31
reference_url https://access.redhat.com/errata/RHSA-2022:0289
reference_id RHSA-2022:0289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0289
32
reference_url https://access.redhat.com/errata/RHSA-2022:0290
reference_id RHSA-2022:0290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0290
33
reference_url https://access.redhat.com/errata/RHSA-2022:0291
reference_id RHSA-2022:0291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0291
34
reference_url https://access.redhat.com/errata/RHSA-2022:0294
reference_id RHSA-2022:0294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0294
35
reference_url https://access.redhat.com/errata/RHSA-2022:0430
reference_id RHSA-2022:0430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0430
36
reference_url https://access.redhat.com/errata/RHSA-2022:0435
reference_id RHSA-2022:0435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0435
37
reference_url https://access.redhat.com/errata/RHSA-2022:0436
reference_id RHSA-2022:0436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0436
38
reference_url https://access.redhat.com/errata/RHSA-2022:0437
reference_id RHSA-2022:0437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0437
39
reference_url https://access.redhat.com/errata/RHSA-2022:0438
reference_id RHSA-2022:0438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0438
40
reference_url https://access.redhat.com/errata/RHSA-2022:0444
reference_id RHSA-2022:0444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0444
41
reference_url https://access.redhat.com/errata/RHSA-2022:0445
reference_id RHSA-2022:0445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0445
42
reference_url https://access.redhat.com/errata/RHSA-2022:0446
reference_id RHSA-2022:0446
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0446
43
reference_url https://access.redhat.com/errata/RHSA-2022:0447
reference_id RHSA-2022:0447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0447
44
reference_url https://access.redhat.com/errata/RHSA-2022:0448
reference_id RHSA-2022:0448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0448
45
reference_url https://access.redhat.com/errata/RHSA-2022:0449
reference_id RHSA-2022:0449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0449
46
reference_url https://access.redhat.com/errata/RHSA-2022:0450
reference_id RHSA-2022:0450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0450
47
reference_url https://access.redhat.com/errata/RHSA-2022:0475
reference_id RHSA-2022:0475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0475
48
reference_url https://access.redhat.com/errata/RHSA-2022:0497
reference_id RHSA-2022:0497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0497
49
reference_url https://access.redhat.com/errata/RHSA-2022:0507
reference_id RHSA-2022:0507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0507
50
reference_url https://access.redhat.com/errata/RHSA-2022:0524
reference_id RHSA-2022:0524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0524
51
reference_url https://access.redhat.com/errata/RHSA-2022:0527
reference_id RHSA-2022:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0527
52
reference_url https://access.redhat.com/errata/RHSA-2022:0553
reference_id RHSA-2022:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0553
53
reference_url https://access.redhat.com/errata/RHSA-2022:0661
reference_id RHSA-2022:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0661
54
reference_url https://access.redhat.com/errata/RHSA-2022:1296
reference_id RHSA-2022:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1296
55
reference_url https://access.redhat.com/errata/RHSA-2022:1297
reference_id RHSA-2022:1297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1297
56
reference_url https://access.redhat.com/errata/RHSA-2022:1299
reference_id RHSA-2022:1299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1299
57
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
58
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
59
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
60
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
61
reference_url https://usn.ubuntu.com/5223-1/
reference_id USN-5223-1
reference_type
scores
url https://usn.ubuntu.com/5223-1/
62
reference_url https://usn.ubuntu.com/USN-5223-2/
reference_id USN-USN-5223-2
reference_type
scores
url https://usn.ubuntu.com/USN-5223-2/
fixed_packages
aliases CVE-2021-4104, GHSA-fp5r-v3w9-4333
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-698m-2hju-2qcv
2
url VCID-9k99-jzq8-fyge
vulnerability_id VCID-9k99-jzq8-fyge
summary 
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
By design, the JDBCAppender in Log4j accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j when specifically configured to use the JDBCAppender, which is not the default. Beginning, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j reached end of life in August Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23305.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23305.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23305
reference_id
reference_type
scores
0
value 0.07951
scoring_system epss
scoring_elements 0.92072
published_at 2026-04-21T12:55:00Z
1
value 0.07951
scoring_system epss
scoring_elements 0.92037
published_at 2026-04-02T12:55:00Z
2
value 0.07951
scoring_system epss
scoring_elements 0.92045
published_at 2026-04-04T12:55:00Z
3
value 0.07951
scoring_system epss
scoring_elements 0.9205
published_at 2026-04-07T12:55:00Z
4
value 0.07951
scoring_system epss
scoring_elements 0.92062
published_at 2026-04-08T12:55:00Z
5
value 0.07951
scoring_system epss
scoring_elements 0.92065
published_at 2026-04-13T12:55:00Z
6
value 0.07951
scoring_system epss
scoring_elements 0.92069
published_at 2026-04-12T12:55:00Z
7
value 0.07951
scoring_system epss
scoring_elements 0.92077
published_at 2026-04-16T12:55:00Z
8
value 0.07951
scoring_system epss
scoring_elements 0.92074
published_at 2026-04-18T12:55:00Z
9
value 0.09452
scoring_system epss
scoring_elements 0.92827
published_at 2026-04-29T12:55:00Z
10
value 0.09452
scoring_system epss
scoring_elements 0.92832
published_at 2026-04-26T12:55:00Z
11
value 0.1156
scoring_system epss
scoring_elements 0.93668
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23305
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23305
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23305
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/apache/logging-log4j1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/logging-log4j1
5
reference_url https://lists.apache.org/thread/pt6lh3pbsvxqlwlp4c5l798dv2hkc85y
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/pt6lh3pbsvxqlwlp4c5l798dv2hkc85y
6
reference_url https://logging.apache.org/log4j/1.2/index.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://logging.apache.org/log4j/1.2/index.html
7
reference_url https://security.netapp.com/advisory/ntap-20220217-0007
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220217-0007
8
reference_url https://security.netapp.com/advisory/ntap-20220217-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220217-0007/
9
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
10
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
11
reference_url http://www.openwall.com/lists/oss-security/2022/01/18/4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/01/18/4
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
reference_id 1004482
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2041959
reference_id 2041959
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2041959
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23305
reference_id CVE-2022-23305
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23305
15
reference_url https://github.com/advisories/GHSA-65fg-84f6-3jq3
reference_id GHSA-65fg-84f6-3jq3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-65fg-84f6-3jq3
16
reference_url https://security.gentoo.org/glsa/202402-16
reference_id GLSA-202402-16
reference_type
scores
url https://security.gentoo.org/glsa/202402-16
17
reference_url https://access.redhat.com/errata/RHSA-2022:0289
reference_id RHSA-2022:0289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0289
18
reference_url https://access.redhat.com/errata/RHSA-2022:0290
reference_id RHSA-2022:0290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0290
19
reference_url https://access.redhat.com/errata/RHSA-2022:0291
reference_id RHSA-2022:0291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0291
20
reference_url https://access.redhat.com/errata/RHSA-2022:0294
reference_id RHSA-2022:0294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0294
21
reference_url https://access.redhat.com/errata/RHSA-2022:0430
reference_id RHSA-2022:0430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0430
22
reference_url https://access.redhat.com/errata/RHSA-2022:0435
reference_id RHSA-2022:0435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0435
23
reference_url https://access.redhat.com/errata/RHSA-2022:0436
reference_id RHSA-2022:0436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0436
24
reference_url https://access.redhat.com/errata/RHSA-2022:0437
reference_id RHSA-2022:0437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0437
25
reference_url https://access.redhat.com/errata/RHSA-2022:0438
reference_id RHSA-2022:0438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0438
26
reference_url https://access.redhat.com/errata/RHSA-2022:0439
reference_id RHSA-2022:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0439
27
reference_url https://access.redhat.com/errata/RHSA-2022:0442
reference_id RHSA-2022:0442
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0442
28
reference_url https://access.redhat.com/errata/RHSA-2022:0444
reference_id RHSA-2022:0444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0444
29
reference_url https://access.redhat.com/errata/RHSA-2022:0445
reference_id RHSA-2022:0445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0445
30
reference_url https://access.redhat.com/errata/RHSA-2022:0446
reference_id RHSA-2022:0446
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0446
31
reference_url https://access.redhat.com/errata/RHSA-2022:0447
reference_id RHSA-2022:0447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0447
32
reference_url https://access.redhat.com/errata/RHSA-2022:0448
reference_id RHSA-2022:0448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0448
33
reference_url https://access.redhat.com/errata/RHSA-2022:0449
reference_id RHSA-2022:0449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0449
34
reference_url https://access.redhat.com/errata/RHSA-2022:0450
reference_id RHSA-2022:0450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0450
35
reference_url https://access.redhat.com/errata/RHSA-2022:0467
reference_id RHSA-2022:0467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0467
36
reference_url https://access.redhat.com/errata/RHSA-2022:0469
reference_id RHSA-2022:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0469
37
reference_url https://access.redhat.com/errata/RHSA-2022:0475
reference_id RHSA-2022:0475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0475
38
reference_url https://access.redhat.com/errata/RHSA-2022:0497
reference_id RHSA-2022:0497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0497
39
reference_url https://access.redhat.com/errata/RHSA-2022:0507
reference_id RHSA-2022:0507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0507
40
reference_url https://access.redhat.com/errata/RHSA-2022:0524
reference_id RHSA-2022:0524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0524
41
reference_url https://access.redhat.com/errata/RHSA-2022:0527
reference_id RHSA-2022:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0527
42
reference_url https://access.redhat.com/errata/RHSA-2022:0553
reference_id RHSA-2022:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0553
43
reference_url https://access.redhat.com/errata/RHSA-2022:0661
reference_id RHSA-2022:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0661
44
reference_url https://access.redhat.com/errata/RHSA-2022:1296
reference_id RHSA-2022:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1296
45
reference_url https://access.redhat.com/errata/RHSA-2022:1297
reference_id RHSA-2022:1297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1297
46
reference_url https://access.redhat.com/errata/RHSA-2022:1299
reference_id RHSA-2022:1299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1299
47
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
48
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
49
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
50
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
51
reference_url https://usn.ubuntu.com/5998-1/
reference_id USN-5998-1
reference_type
scores
url https://usn.ubuntu.com/5998-1/
52
reference_url https://usn.ubuntu.com/7590-1/
reference_id USN-7590-1
reference_type
scores
url https://usn.ubuntu.com/7590-1/
fixed_packages
aliases CVE-2022-23305, GHSA-65fg-84f6-3jq3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9k99-jzq8-fyge
3
url VCID-aqt5-2ffy-9bgs
vulnerability_id VCID-aqt5-2ffy-9bgs
summary HTTP/2: flood using SETTINGS frames results in unbounded memory growth
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9515.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9515.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9515
reference_id
reference_type
scores
0
value 0.09046
scoring_system epss
scoring_elements 0.92654
published_at 2026-04-29T12:55:00Z
1
value 0.09046
scoring_system epss
scoring_elements 0.92655
published_at 2026-04-21T12:55:00Z
2
value 0.09046
scoring_system epss
scoring_elements 0.92657
published_at 2026-04-24T12:55:00Z
3
value 0.09046
scoring_system epss
scoring_elements 0.92658
published_at 2026-04-26T12:55:00Z
4
value 0.09046
scoring_system epss
scoring_elements 0.92618
published_at 2026-04-07T12:55:00Z
5
value 0.09046
scoring_system epss
scoring_elements 0.92629
published_at 2026-04-08T12:55:00Z
6
value 0.09046
scoring_system epss
scoring_elements 0.92635
published_at 2026-04-09T12:55:00Z
7
value 0.09046
scoring_system epss
scoring_elements 0.92639
published_at 2026-04-13T12:55:00Z
8
value 0.09046
scoring_system epss
scoring_elements 0.9264
published_at 2026-04-12T12:55:00Z
9
value 0.09046
scoring_system epss
scoring_elements 0.92652
published_at 2026-04-18T12:55:00Z
10
value 0.10394
scoring_system epss
scoring_elements 0.93194
published_at 2026-04-02T12:55:00Z
11
value 0.10394
scoring_system epss
scoring_elements 0.93185
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9515
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1735745
reference_id 1735745
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1735745
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886
reference_id 934886
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887
reference_id 934887
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887
11
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
12
reference_url https://access.redhat.com/errata/RHSA-2020:0983
reference_id RHSA-2020:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0983
13
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
14
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
15
reference_url https://access.redhat.com/errata/RHSA-2020:2565
reference_id RHSA-2020:2565
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2565
16
reference_url https://access.redhat.com/errata/RHSA-2020:3196
reference_id RHSA-2020:3196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3196
17
reference_url https://access.redhat.com/errata/RHSA-2020:3197
reference_id RHSA-2020:3197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3197
18
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
19
reference_url https://usn.ubuntu.com/USN-4866-1/
reference_id USN-USN-4866-1
reference_type
scores
url https://usn.ubuntu.com/USN-4866-1/
fixed_packages
aliases CVE-2019-9515
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aqt5-2ffy-9bgs
4
url VCID-bbq3-tx7c-yucn
vulnerability_id VCID-bbq3-tx7c-yucn
summary This advisory has been marked as False Positive and removed.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23307.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23307.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23307
reference_id
reference_type
scores
0
value 0.02155
scoring_system epss
scoring_elements 0.84292
published_at 2026-04-21T12:55:00Z
1
value 0.02155
scoring_system epss
scoring_elements 0.84288
published_at 2026-04-18T12:55:00Z
2
value 0.02155
scoring_system epss
scoring_elements 0.84287
published_at 2026-04-16T12:55:00Z
3
value 0.02155
scoring_system epss
scoring_elements 0.84265
published_at 2026-04-13T12:55:00Z
4
value 0.02155
scoring_system epss
scoring_elements 0.84268
published_at 2026-04-12T12:55:00Z
5
value 0.02155
scoring_system epss
scoring_elements 0.84273
published_at 2026-04-11T12:55:00Z
6
value 0.02155
scoring_system epss
scoring_elements 0.84256
published_at 2026-04-09T12:55:00Z
7
value 0.02155
scoring_system epss
scoring_elements 0.84249
published_at 2026-04-08T12:55:00Z
8
value 0.02155
scoring_system epss
scoring_elements 0.84227
published_at 2026-04-07T12:55:00Z
9
value 0.02155
scoring_system epss
scoring_elements 0.84208
published_at 2026-04-02T12:55:00Z
10
value 0.02155
scoring_system epss
scoring_elements 0.84226
published_at 2026-04-04T12:55:00Z
11
value 0.02603
scoring_system epss
scoring_elements 0.85674
published_at 2026-04-29T12:55:00Z
12
value 0.02603
scoring_system epss
scoring_elements 0.85661
published_at 2026-04-24T12:55:00Z
13
value 0.02603
scoring_system epss
scoring_elements 0.85672
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23307
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23307
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23307
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://lists.apache.org/thread/rg4yyc89vs3dw6kpy3r92xop9loywyhh
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/rg4yyc89vs3dw6kpy3r92xop9loywyhh
5
reference_url https://logging.apache.org/log4j/1.2/index.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://logging.apache.org/log4j/1.2/index.html
6
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
7
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
reference_id 1004482
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004482
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2041967
reference_id 2041967
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2041967
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23307
reference_id CVE-2022-23307
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23307
11
reference_url https://github.com/advisories/GHSA-f7vh-qwp3-x37m
reference_id GHSA-f7vh-qwp3-x37m
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f7vh-qwp3-x37m
12
reference_url https://access.redhat.com/errata/RHSA-2022:0289
reference_id RHSA-2022:0289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0289
13
reference_url https://access.redhat.com/errata/RHSA-2022:0290
reference_id RHSA-2022:0290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0290
14
reference_url https://access.redhat.com/errata/RHSA-2022:0291
reference_id RHSA-2022:0291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0291
15
reference_url https://access.redhat.com/errata/RHSA-2022:0294
reference_id RHSA-2022:0294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0294
16
reference_url https://access.redhat.com/errata/RHSA-2022:0430
reference_id RHSA-2022:0430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0430
17
reference_url https://access.redhat.com/errata/RHSA-2022:0435
reference_id RHSA-2022:0435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0435
18
reference_url https://access.redhat.com/errata/RHSA-2022:0436
reference_id RHSA-2022:0436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0436
19
reference_url https://access.redhat.com/errata/RHSA-2022:0437
reference_id RHSA-2022:0437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0437
20
reference_url https://access.redhat.com/errata/RHSA-2022:0438
reference_id RHSA-2022:0438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0438
21
reference_url https://access.redhat.com/errata/RHSA-2022:0439
reference_id RHSA-2022:0439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0439
22
reference_url https://access.redhat.com/errata/RHSA-2022:0442
reference_id RHSA-2022:0442
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0442
23
reference_url https://access.redhat.com/errata/RHSA-2022:0444
reference_id RHSA-2022:0444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0444
24
reference_url https://access.redhat.com/errata/RHSA-2022:0445
reference_id RHSA-2022:0445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0445
25
reference_url https://access.redhat.com/errata/RHSA-2022:0446
reference_id RHSA-2022:0446
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0446
26
reference_url https://access.redhat.com/errata/RHSA-2022:0447
reference_id RHSA-2022:0447
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0447
27
reference_url https://access.redhat.com/errata/RHSA-2022:0448
reference_id RHSA-2022:0448
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0448
28
reference_url https://access.redhat.com/errata/RHSA-2022:0449
reference_id RHSA-2022:0449
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0449
29
reference_url https://access.redhat.com/errata/RHSA-2022:0450
reference_id RHSA-2022:0450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0450
30
reference_url https://access.redhat.com/errata/RHSA-2022:0467
reference_id RHSA-2022:0467
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0467
31
reference_url https://access.redhat.com/errata/RHSA-2022:0469
reference_id RHSA-2022:0469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0469
32
reference_url https://access.redhat.com/errata/RHSA-2022:0475
reference_id RHSA-2022:0475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0475
33
reference_url https://access.redhat.com/errata/RHSA-2022:0497
reference_id RHSA-2022:0497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0497
34
reference_url https://access.redhat.com/errata/RHSA-2022:0507
reference_id RHSA-2022:0507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0507
35
reference_url https://access.redhat.com/errata/RHSA-2022:0524
reference_id RHSA-2022:0524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0524
36
reference_url https://access.redhat.com/errata/RHSA-2022:0527
reference_id RHSA-2022:0527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0527
37
reference_url https://access.redhat.com/errata/RHSA-2022:0553
reference_id RHSA-2022:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0553
38
reference_url https://access.redhat.com/errata/RHSA-2022:0661
reference_id RHSA-2022:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0661
39
reference_url https://access.redhat.com/errata/RHSA-2022:1296
reference_id RHSA-2022:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1296
40
reference_url https://access.redhat.com/errata/RHSA-2022:1297
reference_id RHSA-2022:1297
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1297
41
reference_url https://access.redhat.com/errata/RHSA-2022:1299
reference_id RHSA-2022:1299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1299
42
reference_url https://access.redhat.com/errata/RHSA-2022:5458
reference_id RHSA-2022:5458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5458
43
reference_url https://access.redhat.com/errata/RHSA-2022:5459
reference_id RHSA-2022:5459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5459
44
reference_url https://access.redhat.com/errata/RHSA-2022:5460
reference_id RHSA-2022:5460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5460
45
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
46
reference_url https://usn.ubuntu.com/5998-1/
reference_id USN-5998-1
reference_type
scores
url https://usn.ubuntu.com/5998-1/
47
reference_url https://usn.ubuntu.com/7590-1/
reference_id USN-7590-1
reference_type
scores
url https://usn.ubuntu.com/7590-1/
fixed_packages
aliases CVE-2022-23307, GHSA-f7vh-qwp3-x37m
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbq3-tx7c-yucn
5
url VCID-dmv4-ydq9-a7eq
vulnerability_id VCID-dmv4-ydq9-a7eq
summary Excessive CPU usage in HTTP/2 with small window updates
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9511.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9511
reference_id
reference_type
scores
0
value 0.13948
scoring_system epss
scoring_elements 0.94283
published_at 2026-04-01T12:55:00Z
1
value 0.13948
scoring_system epss
scoring_elements 0.94345
published_at 2026-04-29T12:55:00Z
2
value 0.13948
scoring_system epss
scoring_elements 0.94322
published_at 2026-04-12T12:55:00Z
3
value 0.13948
scoring_system epss
scoring_elements 0.94324
published_at 2026-04-13T12:55:00Z
4
value 0.13948
scoring_system epss
scoring_elements 0.94339
published_at 2026-04-16T12:55:00Z
5
value 0.13948
scoring_system epss
scoring_elements 0.94344
published_at 2026-04-21T12:55:00Z
6
value 0.13948
scoring_system epss
scoring_elements 0.94347
published_at 2026-04-26T12:55:00Z
7
value 0.13948
scoring_system epss
scoring_elements 0.94292
published_at 2026-04-02T12:55:00Z
8
value 0.13948
scoring_system epss
scoring_elements 0.94302
published_at 2026-04-04T12:55:00Z
9
value 0.13948
scoring_system epss
scoring_elements 0.94304
published_at 2026-04-07T12:55:00Z
10
value 0.13948
scoring_system epss
scoring_elements 0.94313
published_at 2026-04-08T12:55:00Z
11
value 0.13948
scoring_system epss
scoring_elements 0.94318
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9511
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9516
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
reference_id
reference_type
scores
0
value medium
scoring_system generic_textual
scoring_elements
url https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1741860
reference_id 1741860
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1741860
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
reference_id 934885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
reference_id 935037
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935037
14
reference_url https://security.archlinux.org/ASA-201908-12
reference_id ASA-201908-12
reference_type
scores
url https://security.archlinux.org/ASA-201908-12
15
reference_url https://security.archlinux.org/ASA-201908-13
reference_id ASA-201908-13
reference_type
scores
url https://security.archlinux.org/ASA-201908-13
16
reference_url https://security.archlinux.org/ASA-201908-17
reference_id ASA-201908-17
reference_type
scores
url https://security.archlinux.org/ASA-201908-17
17
reference_url https://security.archlinux.org/AVG-1022
reference_id AVG-1022
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1022
18
reference_url https://security.archlinux.org/AVG-1023
reference_id AVG-1023
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1023
19
reference_url https://security.archlinux.org/AVG-1024
reference_id AVG-1024
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1024
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9511
reference_id CVE-2019-9511
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-9511
21
reference_url https://access.redhat.com/errata/RHSA-2019:2692
reference_id RHSA-2019:2692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2692
22
reference_url https://access.redhat.com/errata/RHSA-2019:2745
reference_id RHSA-2019:2745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2745
23
reference_url https://access.redhat.com/errata/RHSA-2019:2746
reference_id RHSA-2019:2746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2746
24
reference_url https://access.redhat.com/errata/RHSA-2019:2775
reference_id RHSA-2019:2775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2775
25
reference_url https://access.redhat.com/errata/RHSA-2019:2799
reference_id RHSA-2019:2799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2799
26
reference_url https://access.redhat.com/errata/RHSA-2019:2946
reference_id RHSA-2019:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2946
27
reference_url https://access.redhat.com/errata/RHSA-2019:2949
reference_id RHSA-2019:2949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2949
28
reference_url https://access.redhat.com/errata/RHSA-2019:3041
reference_id RHSA-2019:3041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3041
29
reference_url https://access.redhat.com/errata/RHSA-2019:3932
reference_id RHSA-2019:3932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3932
30
reference_url https://access.redhat.com/errata/RHSA-2019:3933
reference_id RHSA-2019:3933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3933
31
reference_url https://access.redhat.com/errata/RHSA-2019:3935
reference_id RHSA-2019:3935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3935
32
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
33
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
34
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
35
reference_url https://access.redhat.com/errata/RHSA-2020:2565
reference_id RHSA-2020:2565
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2565
36
reference_url https://access.redhat.com/errata/RHSA-2020:3192
reference_id RHSA-2020:3192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3192
37
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
38
reference_url https://usn.ubuntu.com/4099-1/
reference_id USN-4099-1
reference_type
scores
url https://usn.ubuntu.com/4099-1/
39
reference_url https://usn.ubuntu.com/6754-1/
reference_id USN-6754-1
reference_type
scores
url https://usn.ubuntu.com/6754-1/
fixed_packages
aliases CVE-2019-9511
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmv4-ydq9-a7eq
6
url VCID-hbte-dsw2-y7ad
vulnerability_id VCID-hbte-dsw2-y7ad
summary 
golang.org/x/net/http vulnerable to ping floods
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.

### Specific Go Packages Affected
golang.org/x/net/http2
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
6
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
7
reference_url https://access.redhat.com/errata/RHSA-2019:2594
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2594
8
reference_url https://access.redhat.com/errata/RHSA-2019:2661
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2661
9
reference_url https://access.redhat.com/errata/RHSA-2019:2682
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2682
10
reference_url https://access.redhat.com/errata/RHSA-2019:2690
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2690
11
reference_url https://access.redhat.com/errata/RHSA-2019:2726
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2726
12
reference_url https://access.redhat.com/errata/RHSA-2019:2766
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2766
13
reference_url https://access.redhat.com/errata/RHSA-2019:2769
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2769
14
reference_url https://access.redhat.com/errata/RHSA-2019:2796
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2796
15
reference_url https://access.redhat.com/errata/RHSA-2019:2861
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2861
16
reference_url https://access.redhat.com/errata/RHSA-2019:2925
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2925
17
reference_url https://access.redhat.com/errata/RHSA-2019:2939
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2939
18
reference_url https://access.redhat.com/errata/RHSA-2019:2955
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2955
19
reference_url https://access.redhat.com/errata/RHSA-2019:2966
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2966
20
reference_url https://access.redhat.com/errata/RHSA-2019:3131
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3131
21
reference_url https://access.redhat.com/errata/RHSA-2019:3245
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3245
22
reference_url https://access.redhat.com/errata/RHSA-2019:3265
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3265
23
reference_url https://access.redhat.com/errata/RHSA-2019:3892
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3892
24
reference_url https://access.redhat.com/errata/RHSA-2019:3906
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3906
25
reference_url https://access.redhat.com/errata/RHSA-2019:4018
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4018
26
reference_url https://access.redhat.com/errata/RHSA-2019:4019
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4019
27
reference_url https://access.redhat.com/errata/RHSA-2019:4020
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4020
28
reference_url https://access.redhat.com/errata/RHSA-2019:4021
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4021
29
reference_url https://access.redhat.com/errata/RHSA-2019:4040
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4040
30
reference_url https://access.redhat.com/errata/RHSA-2019:4041
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4041
31
reference_url https://access.redhat.com/errata/RHSA-2019:4042
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4042
32
reference_url https://access.redhat.com/errata/RHSA-2019:4045
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4045
33
reference_url https://access.redhat.com/errata/RHSA-2019:4269
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4269
34
reference_url https://access.redhat.com/errata/RHSA-2019:4273
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4273
35
reference_url https://access.redhat.com/errata/RHSA-2019:4352
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4352
36
reference_url https://access.redhat.com/errata/RHSA-2020:0406
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0406
37
reference_url https://access.redhat.com/errata/RHSA-2020:0727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0727
38
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9512.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9512.json
39
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9512
reference_id
reference_type
scores
0
value 0.51232
scoring_system epss
scoring_elements 0.97891
published_at 2026-04-29T12:55:00Z
1
value 0.51232
scoring_system epss
scoring_elements 0.97858
published_at 2026-04-01T12:55:00Z
2
value 0.51232
scoring_system epss
scoring_elements 0.97864
published_at 2026-04-02T12:55:00Z
3
value 0.51232
scoring_system epss
scoring_elements 0.97866
published_at 2026-04-04T12:55:00Z
4
value 0.51232
scoring_system epss
scoring_elements 0.97869
published_at 2026-04-07T12:55:00Z
5
value 0.51232
scoring_system epss
scoring_elements 0.97873
published_at 2026-04-08T12:55:00Z
6
value 0.51232
scoring_system epss
scoring_elements 0.97876
published_at 2026-04-09T12:55:00Z
7
value 0.51232
scoring_system epss
scoring_elements 0.97879
published_at 2026-04-11T12:55:00Z
8
value 0.51232
scoring_system epss
scoring_elements 0.9788
published_at 2026-04-12T12:55:00Z
9
value 0.51232
scoring_system epss
scoring_elements 0.97881
published_at 2026-04-13T12:55:00Z
10
value 0.51232
scoring_system epss
scoring_elements 0.97888
published_at 2026-04-21T12:55:00Z
11
value 0.51232
scoring_system epss
scoring_elements 0.9789
published_at 2026-04-18T12:55:00Z
12
value 0.51232
scoring_system epss
scoring_elements 0.97886
published_at 2026-04-24T12:55:00Z
13
value 0.51232
scoring_system epss
scoring_elements 0.97887
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9512
40
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079
41
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809
42
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512
43
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
44
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515
45
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518
46
reference_url http://seclists.org/fulldisclosure/2019/Aug/16
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Aug/16
47
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
48
reference_url https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
49
reference_url https://go.dev/cl/190137
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/190137
50
reference_url https://go.dev/issue/33606
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/33606
51
reference_url https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5
52
reference_url https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ
53
reference_url https://kb.cert.org/vuls/id/605641
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://kb.cert.org/vuls/id/605641
54
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10296
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://kc.mcafee.com/corporate/index?page=content&id=SB10296
55
reference_url https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E
56
reference_url https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
57
reference_url https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E
58
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html
59
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7
60
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC
61
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP
62
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ
63
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9512
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-9512
64
reference_url https://pkg.go.dev/vuln/GO-2022-0536
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2022-0536
65
reference_url https://seclists.org/bugtraq/2019/Aug/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/24
66
reference_url https://seclists.org/bugtraq/2019/Aug/31
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/31
67
reference_url https://seclists.org/bugtraq/2019/Aug/43
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/43
68
reference_url https://seclists.org/bugtraq/2019/Sep/18
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Sep/18
69
reference_url https://security.netapp.com/advisory/ntap-20190823-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190823-0001
70
reference_url https://security.netapp.com/advisory/ntap-20190823-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190823-0004
71
reference_url https://security.netapp.com/advisory/ntap-20190823-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190823-0005
72
reference_url https://support.f5.com/csp/article/K98053339
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K98053339
73
reference_url https://support.f5.com/csp/article/K98053339?utm_source=f5support&utm_medium=RSS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K98053339?utm_source=f5support&utm_medium=RSS
74
reference_url https://usn.ubuntu.com/4308-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4308-1
75
reference_url https://www.debian.org/security/2019/dsa-4503
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4503
76
reference_url https://www.debian.org/security/2019/dsa-4508
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4508
77
reference_url https://www.debian.org/security/2019/dsa-4520
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4520
78
reference_url https://www.synology.com/security/advisory/Synology_SA_19_33
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_33
79
reference_url http://www.openwall.com/lists/oss-security/2019/08/20/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/08/20/1
80
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1735645
reference_id 1735645
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1735645
81
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886
reference_id 934886
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886
82
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887
reference_id 934887
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887
83
reference_url https://security.archlinux.org/ASA-201908-15
reference_id ASA-201908-15
reference_type
scores
url https://security.archlinux.org/ASA-201908-15
84
reference_url https://security.archlinux.org/AVG-1021
reference_id AVG-1021
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1021
85
reference_url https://access.redhat.com/errata/RHSA-2019:2817
reference_id RHSA-2019:2817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2817
86
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
87
reference_url https://access.redhat.com/errata/RHSA-2020:0983
reference_id RHSA-2020:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0983
88
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
89
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
90
reference_url https://access.redhat.com/errata/RHSA-2020:2565
reference_id RHSA-2020:2565
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2565
91
reference_url https://access.redhat.com/errata/RHSA-2020:3196
reference_id RHSA-2020:3196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3196
92
reference_url https://access.redhat.com/errata/RHSA-2020:3197
reference_id RHSA-2020:3197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3197
93
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
94
reference_url https://usn.ubuntu.com/USN-4866-1/
reference_id USN-USN-4866-1
reference_type
scores
url https://usn.ubuntu.com/USN-4866-1/
fixed_packages
aliases CVE-2019-9512, GHSA-hgr8-6h9x-f7q9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hbte-dsw2-y7ad
7
url VCID-n66u-b73u-zucb
vulnerability_id VCID-n66u-b73u-zucb
summary 
golang.org/x/net/http vulnerable to a reset flood
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. Servers that accept direct connections from untrusted clients could be remotely made to allocate an unlimited amount of memory, until the program crashes. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.

### Specific Go Packages Affected
golang.org/x/net/http2
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
6
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html
7
reference_url https://access.redhat.com/errata/RHSA-2019:2594
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2594
8
reference_url https://access.redhat.com/errata/RHSA-2019:2661
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2661
9
reference_url https://access.redhat.com/errata/RHSA-2019:2682
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2682
10
reference_url https://access.redhat.com/errata/RHSA-2019:2690
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2690
11
reference_url https://access.redhat.com/errata/RHSA-2019:2726
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2726
12
reference_url https://access.redhat.com/errata/RHSA-2019:2766
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2766
13
reference_url https://access.redhat.com/errata/RHSA-2019:2769
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2769
14
reference_url https://access.redhat.com/errata/RHSA-2019:2796
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2796
15
reference_url https://access.redhat.com/errata/RHSA-2019:2861
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2861
16
reference_url https://access.redhat.com/errata/RHSA-2019:2925
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2925
17
reference_url https://access.redhat.com/errata/RHSA-2019:2939
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2939
18
reference_url https://access.redhat.com/errata/RHSA-2019:2955
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2955
19
reference_url https://access.redhat.com/errata/RHSA-2019:2966
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2966
20
reference_url https://access.redhat.com/errata/RHSA-2019:3131
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3131
21
reference_url https://access.redhat.com/errata/RHSA-2019:3245
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3245
22
reference_url https://access.redhat.com/errata/RHSA-2019:3265
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3265
23
reference_url https://access.redhat.com/errata/RHSA-2019:3892
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3892
24
reference_url https://access.redhat.com/errata/RHSA-2019:3906
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3906
25
reference_url https://access.redhat.com/errata/RHSA-2019:4018
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4018
26
reference_url https://access.redhat.com/errata/RHSA-2019:4019
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4019
27
reference_url https://access.redhat.com/errata/RHSA-2019:4020
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4020
28
reference_url https://access.redhat.com/errata/RHSA-2019:4021
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4021
29
reference_url https://access.redhat.com/errata/RHSA-2019:4040
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4040
30
reference_url https://access.redhat.com/errata/RHSA-2019:4041
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4041
31
reference_url https://access.redhat.com/errata/RHSA-2019:4042
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4042
32
reference_url https://access.redhat.com/errata/RHSA-2019:4045
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4045
33
reference_url https://access.redhat.com/errata/RHSA-2019:4269
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4269
34
reference_url https://access.redhat.com/errata/RHSA-2019:4273
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4273
35
reference_url https://access.redhat.com/errata/RHSA-2019:4352
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4352
36
reference_url https://access.redhat.com/errata/RHSA-2020:0406
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0406
37
reference_url https://access.redhat.com/errata/RHSA-2020:0727
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0727
38
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9514.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9514.json
39
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9514
reference_id
reference_type
scores
0
value 0.09483
scoring_system epss
scoring_elements 0.92845
published_at 2026-04-29T12:55:00Z
1
value 0.09483
scoring_system epss
scoring_elements 0.92799
published_at 2026-04-01T12:55:00Z
2
value 0.09483
scoring_system epss
scoring_elements 0.92806
published_at 2026-04-02T12:55:00Z
3
value 0.09483
scoring_system epss
scoring_elements 0.9281
published_at 2026-04-04T12:55:00Z
4
value 0.09483
scoring_system epss
scoring_elements 0.92809
published_at 2026-04-07T12:55:00Z
5
value 0.09483
scoring_system epss
scoring_elements 0.92818
published_at 2026-04-08T12:55:00Z
6
value 0.09483
scoring_system epss
scoring_elements 0.92822
published_at 2026-04-09T12:55:00Z
7
value 0.09483
scoring_system epss
scoring_elements 0.92826
published_at 2026-04-13T12:55:00Z
8
value 0.09483
scoring_system epss
scoring_elements 0.92825
published_at 2026-04-12T12:55:00Z
9
value 0.09483
scoring_system epss
scoring_elements 0.92836
published_at 2026-04-16T12:55:00Z
10
value 0.09483
scoring_system epss
scoring_elements 0.92837
published_at 2026-04-18T12:55:00Z
11
value 0.09483
scoring_system epss
scoring_elements 0.92841
published_at 2026-04-21T12:55:00Z
12
value 0.09483
scoring_system epss
scoring_elements 0.92848
published_at 2026-04-24T12:55:00Z
13
value 0.09483
scoring_system epss
scoring_elements 0.9285
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9514
40
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10079
41
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14809
42
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15604
43
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15605
44
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15606
45
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511
46
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512
47
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513
48
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514
49
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515
50
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518
51
reference_url http://seclists.org/fulldisclosure/2019/Aug/16
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Aug/16
52
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
53
reference_url https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
54
reference_url https://go.dev/cl/190137
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/190137
55
reference_url https://go.dev/issue/33606
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/33606
56
reference_url https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.googlesource.com/go/+/145e193131eb486077b66009beb051aba07c52a5
57
reference_url https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/65QixT3tcmg/m/DrFiG6vvCwAJ
58
reference_url https://kb.cert.org/vuls/id/605641
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://kb.cert.org/vuls/id/605641
59
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10296
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://kc.mcafee.com/corporate/index?page=content&id=SB10296
60
reference_url https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E
61
reference_url https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
62
reference_url https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E
63
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html
64
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BBP27PZGSY6OP6D26E5FW4GZKBFHNU7
65
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC
66
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP
67
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ
68
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9514
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-9514
69
reference_url https://pkg.go.dev/vuln/GO-2022-0536
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2022-0536
70
reference_url https://seclists.org/bugtraq/2019/Aug/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/24
71
reference_url https://seclists.org/bugtraq/2019/Aug/31
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/31
72
reference_url https://seclists.org/bugtraq/2019/Aug/43
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/43
73
reference_url https://seclists.org/bugtraq/2019/Sep/18
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Sep/18
74
reference_url https://security.netapp.com/advisory/ntap-20190823-0001
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190823-0001
75
reference_url https://security.netapp.com/advisory/ntap-20190823-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190823-0004
76
reference_url https://security.netapp.com/advisory/ntap-20190823-0005
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190823-0005
77
reference_url https://support.f5.com/csp/article/K01988340
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K01988340
78
reference_url https://support.f5.com/csp/article/K01988340?utm_source=f5support&utm_medium=RSS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.f5.com/csp/article/K01988340?utm_source=f5support&utm_medium=RSS
79
reference_url https://usn.ubuntu.com/4308-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4308-1
80
reference_url https://www.debian.org/security/2019/dsa-4503
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4503
81
reference_url https://www.debian.org/security/2019/dsa-4508
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4508
82
reference_url https://www.debian.org/security/2019/dsa-4520
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4520
83
reference_url https://www.debian.org/security/2020/dsa-4669
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2020/dsa-4669
84
reference_url https://www.synology.com/security/advisory/Synology_SA_19_33
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.synology.com/security/advisory/Synology_SA_19_33
85
reference_url http://www.openwall.com/lists/oss-security/2019/08/20/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/08/20/1
86
reference_url http://www.openwall.com/lists/oss-security/2023/10/18/8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/10/18/8
87
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062667
reference_id 1062667
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062667
88
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1735744
reference_id 1735744
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1735744
89
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
reference_id 934885
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934885
90
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886
reference_id 934886
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934886
91
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887
reference_id 934887
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934887
92
reference_url https://security.archlinux.org/ASA-201908-15
reference_id ASA-201908-15
reference_type
scores
url https://security.archlinux.org/ASA-201908-15
93
reference_url https://security.archlinux.org/AVG-1021
reference_id AVG-1021
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1021
94
reference_url https://access.redhat.com/errata/RHSA-2019:2817
reference_id RHSA-2019:2817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2817
95
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
96
reference_url https://access.redhat.com/errata/RHSA-2020:0983
reference_id RHSA-2020:0983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0983
97
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
98
reference_url https://access.redhat.com/errata/RHSA-2020:2067
reference_id RHSA-2020:2067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2067
99
reference_url https://access.redhat.com/errata/RHSA-2020:2565
reference_id RHSA-2020:2565
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2565
100
reference_url https://access.redhat.com/errata/RHSA-2020:3196
reference_id RHSA-2020:3196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3196
101
reference_url https://access.redhat.com/errata/RHSA-2020:3197
reference_id RHSA-2020:3197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3197
102
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
103
reference_url https://usn.ubuntu.com/USN-4866-1/
reference_id USN-USN-4866-1
reference_type
scores
url https://usn.ubuntu.com/USN-4866-1/
fixed_packages
aliases CVE-2019-9514, GHSA-39qc-96h7-956f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n66u-b73u-zucb
8
url VCID-nrk8-v4zp-6ubx
vulnerability_id VCID-nrk8-v4zp-6ubx
summary EAP: field-name is not parsed in accordance to RFC7230
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1710.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1710.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-1710
reference_id
reference_type
scores
0
value 0.00242
scoring_system epss
scoring_elements 0.47407
published_at 2026-04-01T12:55:00Z
1
value 0.00242
scoring_system epss
scoring_elements 0.47442
published_at 2026-04-02T12:55:00Z
2
value 0.00242
scoring_system epss
scoring_elements 0.47462
published_at 2026-04-04T12:55:00Z
3
value 0.00242
scoring_system epss
scoring_elements 0.47411
published_at 2026-04-07T12:55:00Z
4
value 0.00242
scoring_system epss
scoring_elements 0.47466
published_at 2026-04-08T12:55:00Z
5
value 0.00242
scoring_system epss
scoring_elements 0.47463
published_at 2026-04-09T12:55:00Z
6
value 0.00242
scoring_system epss
scoring_elements 0.47485
published_at 2026-04-11T12:55:00Z
7
value 0.00242
scoring_system epss
scoring_elements 0.4746
published_at 2026-04-12T12:55:00Z
8
value 0.00242
scoring_system epss
scoring_elements 0.47467
published_at 2026-04-26T12:55:00Z
9
value 0.00242
scoring_system epss
scoring_elements 0.47527
published_at 2026-04-16T12:55:00Z
10
value 0.00242
scoring_system epss
scoring_elements 0.47519
published_at 2026-04-18T12:55:00Z
11
value 0.00242
scoring_system epss
scoring_elements 0.47471
published_at 2026-04-21T12:55:00Z
12
value 0.00242
scoring_system epss
scoring_elements 0.47459
published_at 2026-04-24T12:55:00Z
13
value 0.00242
scoring_system epss
scoring_elements 0.47415
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-1710
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1793970
reference_id 1793970
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1793970
3
reference_url https://access.redhat.com/errata/RHSA-2020:3779
reference_id RHSA-2020:3779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3779
4
reference_url https://access.redhat.com/errata/RHSA-2024:5856
reference_id RHSA-2024:5856
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5856
fixed_packages
aliases CVE-2020-1710
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nrk8-v4zp-6ubx
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.2.2-1.Final_redhat_00002.1.ep7%3Farch=el7