Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/rh-python38-python-pip@19.3.1-2?arch=el7
Typerpm
Namespaceredhat
Namerh-python38-python-pip
Version19.3.1-2
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-2j3t-a3r6-vfg7
vulnerability_id VCID-2j3t-a3r6-vfg7
summary 
Multiple vulnerabilities have been found in Python, the worst of
    which might allow attackers to access sensitive information.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3426.json
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3426.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3426
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.23679
published_at 2026-04-02T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23519
published_at 2026-04-01T12:55:00Z
2
value 0.00081
scoring_system epss
scoring_elements 0.23957
published_at 2026-04-11T12:55:00Z
3
value 0.00081
scoring_system epss
scoring_elements 0.2387
published_at 2026-04-16T12:55:00Z
4
value 0.00081
scoring_system epss
scoring_elements 0.23859
published_at 2026-04-13T12:55:00Z
5
value 0.00081
scoring_system epss
scoring_elements 0.2394
published_at 2026-04-09T12:55:00Z
6
value 0.00081
scoring_system epss
scoring_elements 0.24042
published_at 2026-04-04T12:55:00Z
7
value 0.00081
scoring_system epss
scoring_elements 0.23827
published_at 2026-04-07T12:55:00Z
8
value 0.00081
scoring_system epss
scoring_elements 0.23894
published_at 2026-04-08T12:55:00Z
9
value 0.00081
scoring_system epss
scoring_elements 0.23913
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3426
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1935913
reference_id 1935913
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1935913
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
reference_id 25HVHLBGO2KNPXJ3G426QEYSSCECJDU5
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
6
reference_url https://security.archlinux.org/AVG-1675
reference_id AVG-1675
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1675
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
reference_id BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
reference_id DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
9
reference_url https://security.gentoo.org/glsa/202104-04
reference_id GLSA-202104-04
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://security.gentoo.org/glsa/202104-04
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
reference_id LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
11
reference_url https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
reference_id msg00005.html
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
12
reference_url https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html
reference_id msg00039.html
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
reference_id N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
14
reference_url https://security.netapp.com/advisory/ntap-20210629-0003/
reference_id ntap-20210629-0003
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://security.netapp.com/advisory/ntap-20210629-0003/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
reference_id QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
16
reference_url https://access.redhat.com/errata/RHSA-2021:4160
reference_id RHSA-2021:4160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4160
17
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
18
reference_url https://access.redhat.com/errata/RHSA-2021:4399
reference_id RHSA-2021:4399
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4399
19
reference_url https://usn.ubuntu.com/5342-1/
reference_id USN-5342-1
reference_type
scores
url https://usn.ubuntu.com/5342-1/
20
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
21
reference_url https://usn.ubuntu.com/USN-5342-3/
reference_id USN-USN-5342-3
reference_type
scores
url https://usn.ubuntu.com/USN-5342-3/
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
reference_id VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:45:51Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
fixed_packages
aliases CVE-2021-3426
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2j3t-a3r6-vfg7
1
url VCID-75s4-h132-6fe1
vulnerability_id VCID-75s4-h132-6fe1
summary A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1.
references
0
reference_url https://access.redhat.com/errata/RHSA-2021:3254
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2021:3254
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3572.json
reference_id
reference_type
scores
0
value 4.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3572.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3572
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47047
published_at 2026-04-09T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47051
published_at 2026-04-13T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.46996
published_at 2026-04-07T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47049
published_at 2026-04-04T12:55:00Z
4
value 0.0024
scoring_system epss
scoring_elements 0.4703
published_at 2026-04-02T12:55:00Z
5
value 0.0024
scoring_system epss
scoring_elements 0.46993
published_at 2026-04-01T12:55:00Z
6
value 0.0024
scoring_system epss
scoring_elements 0.47072
published_at 2026-04-11T12:55:00Z
7
value 0.0024
scoring_system epss
scoring_elements 0.47045
published_at 2026-04-12T12:55:00Z
8
value 0.0024
scoring_system epss
scoring_elements 0.47107
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3572
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1962856
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1962856
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5xp3-jfq3-5q8x
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2021-437.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/pip/PYSEC-2021-437.yaml
8
reference_url https://github.com/pypa/pip
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip
9
reference_url https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b
10
reference_url https://github.com/pypa/pip/pull/9827
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/pip/pull/9827
11
reference_url https://packetstormsecurity.com/files/162712/USN-4961-1.txt
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://packetstormsecurity.com/files/162712/USN-4961-1.txt
12
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
13
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
14
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
15
reference_url https://security.archlinux.org/AVG-2036
reference_id AVG-2036
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2036
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3572
reference_id CVE-2021-3572
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3572
17
reference_url https://access.redhat.com/errata/RHSA-2021:4160
reference_id RHSA-2021:4160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4160
18
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
19
reference_url https://access.redhat.com/errata/RHSA-2021:4455
reference_id RHSA-2021:4455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4455
20
reference_url https://usn.ubuntu.com/USN-4961-2/
reference_id USN-USN-4961-2
reference_type
scores
url https://usn.ubuntu.com/USN-4961-2/
fixed_packages
aliases CVE-2021-3572, GHSA-5xp3-jfq3-5q8x, PYSEC-2021-437
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-75s4-h132-6fe1
2
url VCID-8a7h-5rn5-gubx
vulnerability_id VCID-8a7h-5rn5-gubx
summary A vulnerability has been discovered in GNAT Ada Suite which can lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27619.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27619.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-27619
reference_id
reference_type
scores
0
value 0.0063
scoring_system epss
scoring_elements 0.70316
published_at 2026-04-16T12:55:00Z
1
value 0.0063
scoring_system epss
scoring_elements 0.70288
published_at 2026-04-12T12:55:00Z
2
value 0.0063
scoring_system epss
scoring_elements 0.70275
published_at 2026-04-13T12:55:00Z
3
value 0.0063
scoring_system epss
scoring_elements 0.70224
published_at 2026-04-02T12:55:00Z
4
value 0.0063
scoring_system epss
scoring_elements 0.7024
published_at 2026-04-04T12:55:00Z
5
value 0.0063
scoring_system epss
scoring_elements 0.70217
published_at 2026-04-07T12:55:00Z
6
value 0.0063
scoring_system epss
scoring_elements 0.70264
published_at 2026-04-08T12:55:00Z
7
value 0.0063
scoring_system epss
scoring_elements 0.70279
published_at 2026-04-09T12:55:00Z
8
value 0.0063
scoring_system epss
scoring_elements 0.70302
published_at 2026-04-11T12:55:00Z
9
value 0.00686
scoring_system epss
scoring_elements 0.7165
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-27619
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27619
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27619
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1889886
reference_id 1889886
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1889886
5
reference_url https://security.gentoo.org/glsa/202402-04
reference_id GLSA-202402-04
reference_type
scores
url https://security.gentoo.org/glsa/202402-04
6
reference_url https://security.gentoo.org/glsa/202409-12
reference_id GLSA-202409-12
reference_type
scores
url https://security.gentoo.org/glsa/202409-12
7
reference_url https://access.redhat.com/errata/RHSA-2021:1633
reference_id RHSA-2021:1633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1633
8
reference_url https://access.redhat.com/errata/RHSA-2021:3252
reference_id RHSA-2021:3252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3252
9
reference_url https://access.redhat.com/errata/RHSA-2021:4151
reference_id RHSA-2021:4151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4151
10
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
11
reference_url https://usn.ubuntu.com/4754-1/
reference_id USN-4754-1
reference_type
scores
url https://usn.ubuntu.com/4754-1/
12
reference_url https://usn.ubuntu.com/4754-3/
reference_id USN-4754-3
reference_type
scores
url https://usn.ubuntu.com/4754-3/
13
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
fixed_packages
aliases CVE-2020-27619
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8a7h-5rn5-gubx
3
url VCID-8par-whwz-6kft
vulnerability_id VCID-8par-whwz-6kft
summary An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33503.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33503.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33503
reference_id
reference_type
scores
0
value 0.00863
scoring_system epss
scoring_elements 0.7511
published_at 2026-04-16T12:55:00Z
1
value 0.00863
scoring_system epss
scoring_elements 0.75072
published_at 2026-04-13T12:55:00Z
2
value 0.00863
scoring_system epss
scoring_elements 0.75028
published_at 2026-04-01T12:55:00Z
3
value 0.00863
scoring_system epss
scoring_elements 0.75083
published_at 2026-04-12T12:55:00Z
4
value 0.00863
scoring_system epss
scoring_elements 0.75105
published_at 2026-04-11T12:55:00Z
5
value 0.00863
scoring_system epss
scoring_elements 0.75082
published_at 2026-04-09T12:55:00Z
6
value 0.00863
scoring_system epss
scoring_elements 0.7507
published_at 2026-04-08T12:55:00Z
7
value 0.00863
scoring_system epss
scoring_elements 0.75036
published_at 2026-04-07T12:55:00Z
8
value 0.00863
scoring_system epss
scoring_elements 0.7506
published_at 2026-04-04T12:55:00Z
9
value 0.00863
scoring_system epss
scoring_elements 0.75031
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33503
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2021-108.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2021-108.yaml
6
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
7
reference_url https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
8
reference_url https://github.com/urllib3/urllib3/commit/5b047b645f5f93900d5e2fc31230848c25eb1f5f#diff-52026d639119bf1e0364836b4e8a18bd9ed3c95c6ba39b26534a5057a65e35bbR65
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/commit/5b047b645f5f93900d5e2fc31230848c25eb1f5f#diff-52026d639119bf1e0364836b4e8a18bd9ed3c95c6ba39b26534a5057a65e35bbR65
9
reference_url https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33503
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33503
13
reference_url https://security.gentoo.org/glsa/202107-36
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202107-36
14
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1968074
reference_id 1968074
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1968074
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989848
reference_id 989848
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989848
17
reference_url https://security.archlinux.org/ASA-202106-25
reference_id ASA-202106-25
reference_type
scores
url https://security.archlinux.org/ASA-202106-25
18
reference_url https://security.archlinux.org/AVG-2038
reference_id AVG-2038
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2038
19
reference_url https://access.redhat.com/errata/RHSA-2021:3473
reference_id RHSA-2021:3473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3473
20
reference_url https://access.redhat.com/errata/RHSA-2021:4160
reference_id RHSA-2021:4160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4160
21
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
22
reference_url https://access.redhat.com/errata/RHSA-2021:4702
reference_id RHSA-2021:4702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4702
23
reference_url https://usn.ubuntu.com/5812-1/
reference_id USN-5812-1
reference_type
scores
url https://usn.ubuntu.com/5812-1/
fixed_packages
aliases CVE-2021-33503, GHSA-q2q7-5pp4-w6pg, PYSEC-2021-108
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8par-whwz-6kft
4
url VCID-bjpd-6kh8-1bbs
vulnerability_id VCID-bjpd-6kh8-1bbs
summary In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36242.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36242.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-36242
reference_id
reference_type
scores
0
value 0.01272
scoring_system epss
scoring_elements 0.79477
published_at 2026-04-02T12:55:00Z
1
value 0.01272
scoring_system epss
scoring_elements 0.7947
published_at 2026-04-01T12:55:00Z
2
value 0.01575
scoring_system epss
scoring_elements 0.81562
published_at 2026-04-11T12:55:00Z
3
value 0.01575
scoring_system epss
scoring_elements 0.81542
published_at 2026-04-13T12:55:00Z
4
value 0.01575
scoring_system epss
scoring_elements 0.81536
published_at 2026-04-08T12:55:00Z
5
value 0.01575
scoring_system epss
scoring_elements 0.81508
published_at 2026-04-07T12:55:00Z
6
value 0.01575
scoring_system epss
scoring_elements 0.81511
published_at 2026-04-04T12:55:00Z
7
value 0.01575
scoring_system epss
scoring_elements 0.8158
published_at 2026-04-16T12:55:00Z
8
value 0.01575
scoring_system epss
scoring_elements 0.81549
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-36242
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36242
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-rhm9-p9w5-fwm7
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rhm9-p9w5-fwm7
5
reference_url https://github.com/pyca/cryptography
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography
6
reference_url https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst
7
reference_url https://github.com/pyca/cryptography/commit/82b6ce28389f0a317bc55ba2091a74b346db7cae
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/commit/82b6ce28389f0a317bc55ba2091a74b346db7cae
8
reference_url https://github.com/pyca/cryptography/compare/3.3.1...3.3.2
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/compare/3.3.1...3.3.2
9
reference_url https://github.com/pyca/cryptography/issues/5615
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/issues/5615
10
reference_url https://github.com/pyca/cryptography/security/advisories/GHSA-rhm9-p9w5-fwm7
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/security/advisories/GHSA-rhm9-p9w5-fwm7
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2021-63.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2021-63.yaml
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7RGQLK4J5ZQFRLKCHVVG6BKZTUQMG7E/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-36242
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-36242
16
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
17
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1926226
reference_id 1926226
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1926226
19
reference_url https://security.archlinux.org/ASA-202102-36
reference_id ASA-202102-36
reference_type
scores
url https://security.archlinux.org/ASA-202102-36
20
reference_url https://security.archlinux.org/AVG-1541
reference_id AVG-1541
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1541
21
reference_url https://security.gentoo.org/glsa/202407-06
reference_id GLSA-202407-06
reference_type
scores
url https://security.gentoo.org/glsa/202407-06
22
reference_url https://access.redhat.com/errata/RHSA-2021:1608
reference_id RHSA-2021:1608
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1608
23
reference_url https://access.redhat.com/errata/RHSA-2021:2239
reference_id RHSA-2021:2239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2239
fixed_packages
aliases CVE-2020-36242, GHSA-rhm9-p9w5-fwm7, PYSEC-2021-63
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bjpd-6kh8-1bbs
5
url VCID-ct6h-d1eh-7bgj
vulnerability_id VCID-ct6h-d1eh-7bgj
summary python: urllib: Regular expression DoS in AbstractBasicAuthHandler
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3733.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3733.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3733
reference_id
reference_type
scores
0
value 0.00666
scoring_system epss
scoring_elements 0.71198
published_at 2026-04-02T12:55:00Z
1
value 0.00666
scoring_system epss
scoring_elements 0.71216
published_at 2026-04-04T12:55:00Z
2
value 0.00666
scoring_system epss
scoring_elements 0.71189
published_at 2026-04-01T12:55:00Z
3
value 0.0076
scoring_system epss
scoring_elements 0.73361
published_at 2026-04-11T12:55:00Z
4
value 0.0076
scoring_system epss
scoring_elements 0.73341
published_at 2026-04-12T12:55:00Z
5
value 0.0076
scoring_system epss
scoring_elements 0.73333
published_at 2026-04-13T12:55:00Z
6
value 0.0076
scoring_system epss
scoring_elements 0.73376
published_at 2026-04-16T12:55:00Z
7
value 0.0076
scoring_system epss
scoring_elements 0.73288
published_at 2026-04-07T12:55:00Z
8
value 0.0076
scoring_system epss
scoring_elements 0.73324
published_at 2026-04-08T12:55:00Z
9
value 0.0076
scoring_system epss
scoring_elements 0.73337
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3733
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1995234
reference_id 1995234
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1995234
5
reference_url https://access.redhat.com/errata/RHSA-2021:4057
reference_id RHSA-2021:4057
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4057
6
reference_url https://access.redhat.com/errata/RHSA-2021:4160
reference_id RHSA-2021:4160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4160
7
reference_url https://access.redhat.com/errata/RHSA-2022:1663
reference_id RHSA-2022:1663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1663
8
reference_url https://access.redhat.com/errata/RHSA-2022:1764
reference_id RHSA-2022:1764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1764
9
reference_url https://access.redhat.com/errata/RHSA-2022:1821
reference_id RHSA-2022:1821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1821
10
reference_url https://usn.ubuntu.com/5083-1/
reference_id USN-5083-1
reference_type
scores
url https://usn.ubuntu.com/5083-1/
11
reference_url https://usn.ubuntu.com/5199-1/
reference_id USN-5199-1
reference_type
scores
url https://usn.ubuntu.com/5199-1/
12
reference_url https://usn.ubuntu.com/5200-1/
reference_id USN-5200-1
reference_type
scores
url https://usn.ubuntu.com/5200-1/
13
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
fixed_packages
aliases CVE-2021-3733
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ct6h-d1eh-7bgj
6
url VCID-dkxn-j9dr-sqbp
vulnerability_id VCID-dkxn-j9dr-sqbp
summary 
Multiple vulnerabilities have been found in Python, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3177.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3177.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3177
reference_id
reference_type
scores
0
value 0.00072
scoring_system epss
scoring_elements 0.21902
published_at 2026-04-08T12:55:00Z
1
value 0.00072
scoring_system epss
scoring_elements 0.21958
published_at 2026-04-09T12:55:00Z
2
value 0.00072
scoring_system epss
scoring_elements 0.2193
published_at 2026-04-12T12:55:00Z
3
value 0.00072
scoring_system epss
scoring_elements 0.21875
published_at 2026-04-16T12:55:00Z
4
value 0.00072
scoring_system epss
scoring_elements 0.21971
published_at 2026-04-11T12:55:00Z
5
value 0.00072
scoring_system epss
scoring_elements 0.21873
published_at 2026-04-13T12:55:00Z
6
value 0.00072
scoring_system epss
scoring_elements 0.21827
published_at 2026-04-07T12:55:00Z
7
value 0.00074
scoring_system epss
scoring_elements 0.22589
published_at 2026-04-02T12:55:00Z
8
value 0.00074
scoring_system epss
scoring_elements 0.22421
published_at 2026-04-01T12:55:00Z
9
value 0.00074
scoring_system epss
scoring_elements 0.22631
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3177
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1918168
reference_id 1918168
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1918168
5
reference_url https://github.com/python/cpython/pull/24239
reference_id 24239
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://github.com/python/cpython/pull/24239
6
reference_url https://security.archlinux.org/ASA-202102-37
reference_id ASA-202102-37
reference_type
scores
url https://security.archlinux.org/ASA-202102-37
7
reference_url https://security.archlinux.org/AVG-1465
reference_id AVG-1465
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1465
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/
reference_id BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/
reference_id CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/
10
reference_url https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html
reference_id ctypes-buffer-overflow-pycarg_repr.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
reference_id FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/
reference_id FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/
13
reference_url https://security.gentoo.org/glsa/202101-18
reference_id GLSA-202101-18
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://security.gentoo.org/glsa/202101-18
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
reference_id HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
15
reference_url https://bugs.python.org/issue42938
reference_id issue42938
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://bugs.python.org/issue42938
16
reference_url https://news.ycombinator.com/item?id=26185005
reference_id item?id=26185005
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://news.ycombinator.com/item?id=26185005
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/
reference_id MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
reference_id MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
19
reference_url https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
reference_id msg00005.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
20
reference_url https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html
reference_id msg00013.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html
21
reference_url https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html
reference_id msg00024.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
reference_id NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/
reference_id NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/
24
reference_url https://security.netapp.com/advisory/ntap-20210226-0003/
reference_id ntap-20210226-0003
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://security.netapp.com/advisory/ntap-20210226-0003/
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/
reference_id NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/
26
reference_url https://access.redhat.com/errata/RHSA-2021:1633
reference_id RHSA-2021:1633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1633
27
reference_url https://access.redhat.com/errata/RHSA-2021:1761
reference_id RHSA-2021:1761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1761
28
reference_url https://access.redhat.com/errata/RHSA-2021:1879
reference_id RHSA-2021:1879
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1879
29
reference_url https://access.redhat.com/errata/RHSA-2021:3252
reference_id RHSA-2021:3252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3252
30
reference_url https://access.redhat.com/errata/RHSA-2022:5235
reference_id RHSA-2022:5235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5235
31
reference_url https://usn.ubuntu.com/4754-1/
reference_id USN-4754-1
reference_type
scores
url https://usn.ubuntu.com/4754-1/
32
reference_url https://usn.ubuntu.com/4754-3/
reference_id USN-4754-3
reference_type
scores
url https://usn.ubuntu.com/4754-3/
33
reference_url https://usn.ubuntu.com/4754-4/
reference_id USN-4754-4
reference_type
scores
url https://usn.ubuntu.com/4754-4/
34
reference_url https://usn.ubuntu.com/4754-5/
reference_id USN-4754-5
reference_type
scores
url https://usn.ubuntu.com/4754-5/
35
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
36
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/
reference_id V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/
reference_id Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/
reference_id YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/
reference_id Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/
fixed_packages
aliases CVE-2021-3177
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dkxn-j9dr-sqbp
7
url VCID-j8hj-k7wy-yfch
vulnerability_id VCID-j8hj-k7wy-yfch
summary python: ftplib should not use the host from the PASV response
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4189.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4189.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4189
reference_id
reference_type
scores
0
value 0.01057
scoring_system epss
scoring_elements 0.77554
published_at 2026-04-02T12:55:00Z
1
value 0.01057
scoring_system epss
scoring_elements 0.77547
published_at 2026-04-01T12:55:00Z
2
value 0.01057
scoring_system epss
scoring_elements 0.7758
published_at 2026-04-04T12:55:00Z
3
value 0.01057
scoring_system epss
scoring_elements 0.7756
published_at 2026-04-07T12:55:00Z
4
value 0.01057
scoring_system epss
scoring_elements 0.7759
published_at 2026-04-08T12:55:00Z
5
value 0.01057
scoring_system epss
scoring_elements 0.77597
published_at 2026-04-09T12:55:00Z
6
value 0.01057
scoring_system epss
scoring_elements 0.77624
published_at 2026-04-11T12:55:00Z
7
value 0.01057
scoring_system epss
scoring_elements 0.77608
published_at 2026-04-12T12:55:00Z
8
value 0.01057
scoring_system epss
scoring_elements 0.77607
published_at 2026-04-13T12:55:00Z
9
value 0.01057
scoring_system epss
scoring_elements 0.77644
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4189
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e
reference_id 0ab152c6b5d95caa2dc1a30fa96e10258b5f188e
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/
url https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2036020
reference_id 2036020
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2036020
6
reference_url https://access.redhat.com/security/cve/CVE-2021-4189
reference_id CVE-2021-4189
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/
url https://access.redhat.com/security/cve/CVE-2021-4189
7
reference_url https://security-tracker.debian.org/tracker/CVE-2021-4189
reference_id CVE-2021-4189
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/
url https://security-tracker.debian.org/tracker/CVE-2021-4189
8
reference_url https://python-security.readthedocs.io/vuln/ftplib-pasv.html
reference_id ftplib-pasv.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/
url https://python-security.readthedocs.io/vuln/ftplib-pasv.html
9
reference_url https://bugs.python.org/issue43285
reference_id issue43285
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/
url https://bugs.python.org/issue43285
10
reference_url https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html
reference_id msg00024.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/
url https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html
11
reference_url https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html
reference_id msg00039.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/
url https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html
12
reference_url https://security.netapp.com/advisory/ntap-20221104-0004/
reference_id ntap-20221104-0004
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:59:42Z/
url https://security.netapp.com/advisory/ntap-20221104-0004/
13
reference_url https://access.redhat.com/errata/RHSA-2022:1663
reference_id RHSA-2022:1663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1663
14
reference_url https://access.redhat.com/errata/RHSA-2022:1821
reference_id RHSA-2022:1821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1821
15
reference_url https://access.redhat.com/errata/RHSA-2022:1986
reference_id RHSA-2022:1986
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1986
16
reference_url https://usn.ubuntu.com/5342-1/
reference_id USN-5342-1
reference_type
scores
url https://usn.ubuntu.com/5342-1/
17
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
18
reference_url https://usn.ubuntu.com/USN-5342-2/
reference_id USN-USN-5342-2
reference_type
scores
url https://usn.ubuntu.com/USN-5342-2/
fixed_packages
aliases CVE-2021-4189
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j8hj-k7wy-yfch
8
url VCID-j95d-56fv-jfae
vulnerability_id VCID-j95d-56fv-jfae
summary A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27783.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27783.json
1
reference_url https://advisory.checkmarx.net/advisory/CX-2020-4286
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:02:01Z/
url https://advisory.checkmarx.net/advisory/CX-2020-4286
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-27783
reference_id
reference_type
scores
0
value 0.01246
scoring_system epss
scoring_elements 0.79284
published_at 2026-04-08T12:55:00Z
1
value 0.01246
scoring_system epss
scoring_elements 0.79258
published_at 2026-04-07T12:55:00Z
2
value 0.01246
scoring_system epss
scoring_elements 0.79273
published_at 2026-04-04T12:55:00Z
3
value 0.01246
scoring_system epss
scoring_elements 0.79242
published_at 2026-04-01T12:55:00Z
4
value 0.01246
scoring_system epss
scoring_elements 0.79249
published_at 2026-04-02T12:55:00Z
5
value 0.01246
scoring_system epss
scoring_elements 0.79288
published_at 2026-04-13T12:55:00Z
6
value 0.01246
scoring_system epss
scoring_elements 0.793
published_at 2026-04-12T12:55:00Z
7
value 0.01246
scoring_system epss
scoring_elements 0.79316
published_at 2026-04-16T12:55:00Z
8
value 0.01246
scoring_system epss
scoring_elements 0.79291
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-27783
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1901633
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:02:01Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1901633
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27783
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27783
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-pgww-xf46-h92r
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-pgww-xf46-h92r
7
reference_url https://github.com/lxml/lxml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/lxml/lxml
8
reference_url https://github.com/lxml/lxml/commit/a105ab8dc262ec6735977c25c13f0bdfcdec72a7
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/lxml/lxml/commit/a105ab8dc262ec6735977c25c13f0bdfcdec72a7
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2020-62.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2020-62.yaml
10
reference_url https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:02:01Z/
url https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-27783
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-27783
18
reference_url https://pypi.org/project/lxml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/lxml
19
reference_url https://security.netapp.com/advisory/ntap-20210521-0003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210521-0003
20
reference_url https://snyk.io/vuln/SNYK-PYTHON-LXML-1047473
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-PYTHON-LXML-1047473
21
reference_url https://www.debian.org/security/2020/dsa-4810
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:02:01Z/
url https://www.debian.org/security/2020/dsa-4810
22
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:02:01Z/
url https://www.oracle.com//security-alerts/cpujul2021.html
23
reference_url https://security.archlinux.org/ASA-202012-1
reference_id ASA-202012-1
reference_type
scores
url https://security.archlinux.org/ASA-202012-1
24
reference_url https://security.archlinux.org/AVG-1319
reference_id AVG-1319
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1319
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/
reference_id JKG67GPGTV23KADT4D4GK4RMHSO4CIQL
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:02:01Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL/
26
reference_url https://security.netapp.com/advisory/ntap-20210521-0003/
reference_id ntap-20210521-0003
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:02:01Z/
url https://security.netapp.com/advisory/ntap-20210521-0003/
27
reference_url https://access.redhat.com/errata/RHSA-2021:1761
reference_id RHSA-2021:1761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1761
28
reference_url https://access.redhat.com/errata/RHSA-2021:1879
reference_id RHSA-2021:1879
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1879
29
reference_url https://access.redhat.com/errata/RHSA-2021:1898
reference_id RHSA-2021:1898
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1898
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/
reference_id TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:02:01Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK/
31
reference_url https://usn.ubuntu.com/4666-1/
reference_id USN-4666-1
reference_type
scores
url https://usn.ubuntu.com/4666-1/
32
reference_url https://usn.ubuntu.com/4666-2/
reference_id USN-4666-2
reference_type
scores
url https://usn.ubuntu.com/4666-2/
fixed_packages
aliases CVE-2020-27783, GHSA-pgww-xf46-h92r, PYSEC-2020-62
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j95d-56fv-jfae
9
url VCID-jpa1-g154-1ye8
vulnerability_id VCID-jpa1-g154-1ye8
summary This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the `_punctuation_re regex` operator and its use of multiple wildcards. The last wildcard is the most exploitable as it searches for trailing punctuation. This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28493.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-28493.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28493
reference_id
reference_type
scores
0
value 0.00207
scoring_system epss
scoring_elements 0.43081
published_at 2026-04-16T12:55:00Z
1
value 0.00207
scoring_system epss
scoring_elements 0.43038
published_at 2026-04-12T12:55:00Z
2
value 0.00207
scoring_system epss
scoring_elements 0.43073
published_at 2026-04-11T12:55:00Z
3
value 0.00207
scoring_system epss
scoring_elements 0.43037
published_at 2026-04-08T12:55:00Z
4
value 0.00207
scoring_system epss
scoring_elements 0.42987
published_at 2026-04-07T12:55:00Z
5
value 0.00207
scoring_system epss
scoring_elements 0.4305
published_at 2026-04-09T12:55:00Z
6
value 0.00207
scoring_system epss
scoring_elements 0.43023
published_at 2026-04-13T12:55:00Z
7
value 0.00207
scoring_system epss
scoring_elements 0.42963
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28493
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28493
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28493
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-g3rq-g295-4j3m
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-g3rq-g295-4j3m
5
reference_url https://github.com/pallets/jinja
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pallets/jinja
6
reference_url https://github.com/pallets/jinja/blob/ab81fd9c277900c85da0c322a2ff9d68a235b2e6/src/jinja2/utils.py%23L20
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pallets/jinja/blob/ab81fd9c277900c85da0c322a2ff9d68a235b2e6/src/jinja2/utils.py%23L20
7
reference_url https://github.com/pallets/jinja/commit/15ef8f09b659f9100610583938005a7a10472d4d
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pallets/jinja/commit/15ef8f09b659f9100610583938005a7a10472d4d
8
reference_url https://github.com/pallets/jinja/pull/1343
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pallets/jinja/pull/1343
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/jinja2/PYSEC-2021-66.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/jinja2/PYSEC-2021-66.yaml
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVAKCOO7VBVUBM3Q6CBBTPBFNP5NDXF4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVAKCOO7VBVUBM3Q6CBBTPBFNP5NDXF4
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVAKCOO7VBVUBM3Q6CBBTPBFNP5NDXF4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVAKCOO7VBVUBM3Q6CBBTPBFNP5NDXF4/
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28493
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28493
13
reference_url https://security.gentoo.org/glsa/202107-19
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202107-19
14
reference_url https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1928707
reference_id 1928707
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1928707
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982736
reference_id 982736
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982736
17
reference_url https://security.archlinux.org/ASA-202102-19
reference_id ASA-202102-19
reference_type
scores
url https://security.archlinux.org/ASA-202102-19
18
reference_url https://security.archlinux.org/AVG-1523
reference_id AVG-1523
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1523
19
reference_url https://access.redhat.com/errata/RHSA-2021:3252
reference_id RHSA-2021:3252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3252
20
reference_url https://access.redhat.com/errata/RHSA-2021:4151
reference_id RHSA-2021:4151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4151
21
reference_url https://access.redhat.com/errata/RHSA-2021:4161
reference_id RHSA-2021:4161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4161
22
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
23
reference_url https://usn.ubuntu.com/5701-1/
reference_id USN-5701-1
reference_type
scores
url https://usn.ubuntu.com/5701-1/
24
reference_url https://usn.ubuntu.com/6599-1/
reference_id USN-6599-1
reference_type
scores
url https://usn.ubuntu.com/6599-1/
fixed_packages
aliases CVE-2020-28493, GHSA-g3rq-g295-4j3m, PYSEC-2021-66, SNYK-PYTHON-JINJA2-1012994
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jpa1-g154-1ye8
10
url VCID-szsp-k3sg-r3eu
vulnerability_id VCID-szsp-k3sg-r3eu
summary A vulnerability in Babel could result in remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20095.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20095.json
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1955615
reference_id 1955615
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1955615
3
reference_url https://security.archlinux.org/ASA-202105-15
reference_id ASA-202105-15
reference_type
scores
url https://security.archlinux.org/ASA-202105-15
4
reference_url https://security.archlinux.org/AVG-1894
reference_id AVG-1894
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1894
5
reference_url https://security.gentoo.org/glsa/202208-03
reference_id GLSA-202208-03
reference_type
scores
url https://security.gentoo.org/glsa/202208-03
6
reference_url https://access.redhat.com/errata/RHSA-2021:3252
reference_id RHSA-2021:3252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3252
7
reference_url https://access.redhat.com/errata/RHSA-2021:4151
reference_id RHSA-2021:4151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4151
8
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
9
reference_url https://access.redhat.com/errata/RHSA-2021:4201
reference_id RHSA-2021:4201
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4201
10
reference_url https://usn.ubuntu.com/4962-1/
reference_id USN-4962-1
reference_type
scores
url https://usn.ubuntu.com/4962-1/
fixed_packages
aliases CVE-2021-20095
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-szsp-k3sg-r3eu
11
url VCID-u7xg-3dp7-vkc2
vulnerability_id VCID-u7xg-3dp7-vkc2
summary An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28957.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28957.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-28957
reference_id
reference_type
scores
0
value 0.00518
scoring_system epss
scoring_elements 0.66768
published_at 2026-04-16T12:55:00Z
1
value 0.00518
scoring_system epss
scoring_elements 0.66735
published_at 2026-04-13T12:55:00Z
2
value 0.00518
scoring_system epss
scoring_elements 0.66764
published_at 2026-04-12T12:55:00Z
3
value 0.00518
scoring_system epss
scoring_elements 0.66777
published_at 2026-04-11T12:55:00Z
4
value 0.00518
scoring_system epss
scoring_elements 0.66695
published_at 2026-04-02T12:55:00Z
5
value 0.00518
scoring_system epss
scoring_elements 0.66757
published_at 2026-04-09T12:55:00Z
6
value 0.00518
scoring_system epss
scoring_elements 0.66742
published_at 2026-04-08T12:55:00Z
7
value 0.00518
scoring_system epss
scoring_elements 0.66693
published_at 2026-04-07T12:55:00Z
8
value 0.00518
scoring_system epss
scoring_elements 0.66721
published_at 2026-04-04T12:55:00Z
9
value 0.00518
scoring_system epss
scoring_elements 0.66655
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-28957
2
reference_url https://bugs.launchpad.net/lxml/+bug/1888153
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:31:40Z/
url https://bugs.launchpad.net/lxml/+bug/1888153
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28957
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28957
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/advisories/GHSA-jq4v-f5q6-mjqq
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-jq4v-f5q6-mjqq
6
reference_url https://github.com/lxml/lxml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/lxml/lxml
7
reference_url https://github.com/lxml/lxml/commit/2d01a1ba8984e0483ce6619b972832377f208a0d
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/lxml/lxml/commit/2d01a1ba8984e0483ce6619b972832377f208a0d
8
reference_url https://github.com/lxml/lxml/commit/a5f9cb52079dc57477c460dbe6ba0f775e14a999
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:31:40Z/
url https://github.com/lxml/lxml/commit/a5f9cb52079dc57477c460dbe6ba0f775e14a999
9
reference_url https://github.com/lxml/lxml/pull/316
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/lxml/lxml/pull/316
10
reference_url https://github.com/lxml/lxml/pull/316/commits/10ec1b4e9f93713513a3264ed6158af22492f270
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:31:40Z/
url https://github.com/lxml/lxml/pull/316/commits/10ec1b4e9f93713513a3264ed6158af22492f270
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2021-19.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2021-19.yaml
12
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:31:40Z/
url https://lists.debian.org/debian-lts-announce/2021/03/msg00031.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-28957
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-28957
16
reference_url https://pypi.org/project/lxml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/lxml
17
reference_url https://security.gentoo.org/glsa/202208-06
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:31:40Z/
url https://security.gentoo.org/glsa/202208-06
18
reference_url https://security.netapp.com/advisory/ntap-20210521-0004
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210521-0004
19
reference_url https://www.debian.org/security/2021/dsa-4880
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:31:40Z/
url https://www.debian.org/security/2021/dsa-4880
20
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:31:40Z/
url https://www.oracle.com/security-alerts/cpuoct2021.html
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1941534
reference_id 1941534
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1941534
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45/
reference_id 3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:31:40Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3C2R44VDUY7FJVMAVRZ2WY7XYL4SVN45/
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985643
reference_id 985643
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985643
24
reference_url https://security.archlinux.org/AVG-1720
reference_id AVG-1720
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1720
25
reference_url https://security.netapp.com/advisory/ntap-20210521-0004/
reference_id ntap-20210521-0004
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:31:40Z/
url https://security.netapp.com/advisory/ntap-20210521-0004/
26
reference_url https://access.redhat.com/errata/RHSA-2021:4151
reference_id RHSA-2021:4151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4151
27
reference_url https://access.redhat.com/errata/RHSA-2021:4158
reference_id RHSA-2021:4158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4158
28
reference_url https://access.redhat.com/errata/RHSA-2021:4160
reference_id RHSA-2021:4160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4160
29
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
30
reference_url https://usn.ubuntu.com/4896-1/
reference_id USN-4896-1
reference_type
scores
url https://usn.ubuntu.com/4896-1/
31
reference_url https://usn.ubuntu.com/4896-2/
reference_id USN-4896-2
reference_type
scores
url https://usn.ubuntu.com/4896-2/
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ/
reference_id XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:31:40Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXN3QPWCTQVOGW4BMWV3AUUZZ4NRZNSQ/
fixed_packages
aliases CVE-2021-28957, GHSA-jq4v-f5q6-mjqq, PYSEC-2021-19
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u7xg-3dp7-vkc2
12
url VCID-vmx8-tjg2-uuec
vulnerability_id VCID-vmx8-tjg2-uuec
summary python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25659.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25659.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25659
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48636
published_at 2026-04-16T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48585
published_at 2026-04-13T12:55:00Z
2
value 0.00252
scoring_system epss
scoring_elements 0.48573
published_at 2026-04-12T12:55:00Z
3
value 0.00252
scoring_system epss
scoring_elements 0.486
published_at 2026-04-11T12:55:00Z
4
value 0.00252
scoring_system epss
scoring_elements 0.48578
published_at 2026-04-09T12:55:00Z
5
value 0.00252
scoring_system epss
scoring_elements 0.48582
published_at 2026-04-08T12:55:00Z
6
value 0.00252
scoring_system epss
scoring_elements 0.48528
published_at 2026-04-07T12:55:00Z
7
value 0.00252
scoring_system epss
scoring_elements 0.48517
published_at 2026-04-01T12:55:00Z
8
value 0.00252
scoring_system epss
scoring_elements 0.48577
published_at 2026-04-04T12:55:00Z
9
value 0.00252
scoring_system epss
scoring_elements 0.48553
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25659
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25659
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25659
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-hggm-jpg3-v476
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hggm-jpg3-v476
5
reference_url https://github.com/pyca/cryptography
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography
6
reference_url https://github.com/pyca/cryptography/commit/58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/commit/58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494
7
reference_url https://github.com/pyca/cryptography/pull/5507
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/pull/5507
8
reference_url https://github.com/pyca/cryptography/pull/5507/commits/ce1bef6f1ee06ac497ca0c837fbd1c7ef6c2472b
reference_id
reference_type
scores
url https://github.com/pyca/cryptography/pull/5507/commits/ce1bef6f1ee06ac497ca0c837fbd1c7ef6c2472b
9
reference_url https://github.com/pyca/cryptography/security/advisories/GHSA-hggm-jpg3-v476
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pyca/cryptography/security/advisories/GHSA-hggm-jpg3-v476
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2021-62.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2021-62.yaml
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25659
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25659
12
reference_url https://pypi.org/project/cryptography
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/cryptography
13
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
14
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1889988
reference_id 1889988
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1889988
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973247
reference_id 973247
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973247
17
reference_url https://access.redhat.com/errata/RHSA-2021:1608
reference_id RHSA-2021:1608
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1608
18
reference_url https://access.redhat.com/errata/RHSA-2021:2239
reference_id RHSA-2021:2239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2239
19
reference_url https://usn.ubuntu.com/4613-1/
reference_id USN-4613-1
reference_type
scores
url https://usn.ubuntu.com/4613-1/
fixed_packages
aliases CVE-2020-25659, GHSA-hggm-jpg3-v476, PYSEC-2021-62
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vmx8-tjg2-uuec
13
url VCID-vpwj-d49q-1uh8
vulnerability_id VCID-vpwj-d49q-1uh8
summary Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0391
reference_id
reference_type
scores
0
value 0.01317
scoring_system epss
scoring_elements 0.79807
published_at 2026-04-01T12:55:00Z
1
value 0.01317
scoring_system epss
scoring_elements 0.79882
published_at 2026-04-11T12:55:00Z
2
value 0.01317
scoring_system epss
scoring_elements 0.79815
published_at 2026-04-02T12:55:00Z
3
value 0.01317
scoring_system epss
scoring_elements 0.79885
published_at 2026-04-16T12:55:00Z
4
value 0.01317
scoring_system epss
scoring_elements 0.79857
published_at 2026-04-13T12:55:00Z
5
value 0.01317
scoring_system epss
scoring_elements 0.79865
published_at 2026-04-12T12:55:00Z
6
value 0.01317
scoring_system epss
scoring_elements 0.79835
published_at 2026-04-04T12:55:00Z
7
value 0.01317
scoring_system epss
scoring_elements 0.79823
published_at 2026-04-07T12:55:00Z
8
value 0.01317
scoring_system epss
scoring_elements 0.79852
published_at 2026-04-08T12:55:00Z
9
value 0.01317
scoring_system epss
scoring_elements 0.7986
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0391
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2047376
reference_id 2047376
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2047376
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
reference_id CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
6
reference_url https://bugs.python.org/issue43882
reference_id issue43882
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/
url https://bugs.python.org/issue43882
7
reference_url https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
reference_id msg00022.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/
url https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
8
reference_url https://security.netapp.com/advisory/ntap-20220225-0009/
reference_id ntap-20220225-0009
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/
url https://security.netapp.com/advisory/ntap-20220225-0009/
9
reference_url https://access.redhat.com/errata/RHSA-2022:1663
reference_id RHSA-2022:1663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1663
10
reference_url https://access.redhat.com/errata/RHSA-2022:1764
reference_id RHSA-2022:1764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1764
11
reference_url https://access.redhat.com/errata/RHSA-2022:1821
reference_id RHSA-2022:1821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1821
12
reference_url https://access.redhat.com/errata/RHSA-2022:6457
reference_id RHSA-2022:6457
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6457
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
reference_id UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
14
reference_url https://usn.ubuntu.com/5342-1/
reference_id USN-5342-1
reference_type
scores
url https://usn.ubuntu.com/5342-1/
15
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
16
reference_url https://usn.ubuntu.com/USN-5342-2/
reference_id USN-USN-5342-2
reference_type
scores
url https://usn.ubuntu.com/USN-5342-2/
fixed_packages
aliases CVE-2022-0391
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpwj-d49q-1uh8
14
url VCID-w6k8-js68-87g4
vulnerability_id VCID-w6k8-js68-87g4
summary 
Multiple vulnerabilities have been found in Python, the worst of
    which might allow attackers to access sensitive information.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23336
reference_id
reference_type
scores
0
value 0.003
scoring_system epss
scoring_elements 0.53379
published_at 2026-04-16T12:55:00Z
1
value 0.003
scoring_system epss
scoring_elements 0.53342
published_at 2026-04-13T12:55:00Z
2
value 0.003
scoring_system epss
scoring_elements 0.53374
published_at 2026-04-11T12:55:00Z
3
value 0.003
scoring_system epss
scoring_elements 0.53358
published_at 2026-04-12T12:55:00Z
4
value 0.003
scoring_system epss
scoring_elements 0.53323
published_at 2026-04-09T12:55:00Z
5
value 0.003
scoring_system epss
scoring_elements 0.53329
published_at 2026-04-08T12:55:00Z
6
value 0.003
scoring_system epss
scoring_elements 0.53276
published_at 2026-04-07T12:55:00Z
7
value 0.00311
scoring_system epss
scoring_elements 0.54271
published_at 2026-04-02T12:55:00Z
8
value 0.00311
scoring_system epss
scoring_elements 0.54301
published_at 2026-04-04T12:55:00Z
9
value 0.00311
scoring_system epss
scoring_elements 0.54251
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23336
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1928904
reference_id 1928904
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1928904
5
reference_url https://github.com/python/cpython/pull/24297
reference_id 24297
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://github.com/python/cpython/pull/24297
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
reference_id 3EPYWWFDV22CJ5AOH5VCE72DOASZZ255
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
reference_id 3YKKDLXL3UEZ3J426C2XTBS63AHE46SM
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
8
reference_url http://www.openwall.com/lists/oss-security/2021/02/19/4
reference_id 4
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url http://www.openwall.com/lists/oss-security/2021/02/19/4
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
reference_id 46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090
reference_id 983090
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090
11
reference_url https://security.archlinux.org/ASA-202102-28
reference_id ASA-202102-28
reference_type
scores
url https://security.archlinux.org/ASA-202102-28
12
reference_url https://security.archlinux.org/ASA-202102-37
reference_id ASA-202102-37
reference_type
scores
url https://security.archlinux.org/ASA-202102-37
13
reference_url https://security.archlinux.org/AVG-1465
reference_id AVG-1465
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1465
14
reference_url https://security.archlinux.org/AVG-1593
reference_id AVG-1593
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1593
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-23336
reference_id CVE-2021-23336
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-23336
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
reference_id FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
17
reference_url https://security.gentoo.org/glsa/202104-04
reference_id GLSA-202104-04
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://security.gentoo.org/glsa/202104-04
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
reference_id HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
reference_id HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
reference_id IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
reference_id KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
reference_id LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
reference_id MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
reference_id MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
25
reference_url https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
reference_id msg00005.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
26
reference_url https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
reference_id msg00022.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
27
reference_url https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
reference_id msg00030.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
reference_id N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
reference_id NJSCSN722JO2E2AGPWD4NTGVELVRPB4R
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
reference_id NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
31
reference_url https://security.netapp.com/advisory/ntap-20210326-0004/
reference_id ntap-20210326-0004
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://security.netapp.com/advisory/ntap-20210326-0004/
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
reference_id OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
33
reference_url https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E
reference_id rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E
34
reference_url https://access.redhat.com/errata/RHSA-2021:1633
reference_id RHSA-2021:1633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1633
35
reference_url https://access.redhat.com/errata/RHSA-2021:3252
reference_id RHSA-2021:3252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3252
36
reference_url https://access.redhat.com/errata/RHSA-2021:4151
reference_id RHSA-2021:4151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4151
37
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
reference_id RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
reference_id SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
40
reference_url https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
reference_id SNYK-UPSTREAM-PYTHONCPYTHON-1074933
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
41
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
reference_id TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
42
reference_url https://usn.ubuntu.com/4742-1/
reference_id USN-4742-1
reference_type
scores
url https://usn.ubuntu.com/4742-1/
43
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
reference_id W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
fixed_packages
aliases CVE-2021-23336
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6k8-js68-87g4
15
url VCID-yw7e-93us-8qh8
vulnerability_id VCID-yw7e-93us-8qh8
summary Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42771.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42771.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-42771
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38203
published_at 2026-04-16T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.38157
published_at 2026-04-13T12:55:00Z
2
value 0.00169
scoring_system epss
scoring_elements 0.38068
published_at 2026-04-01T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.3818
published_at 2026-04-12T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.38216
published_at 2026-04-11T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.38197
published_at 2026-04-09T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.38189
published_at 2026-04-08T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38139
published_at 2026-04-07T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.3827
published_at 2026-04-04T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38247
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-42771
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42771
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42771
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-h4m5-qpfp-3mpv
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h4m5-qpfp-3mpv
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/babel/PYSEC-2021-421.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/babel/PYSEC-2021-421.yaml
6
reference_url https://github.com/python-babel/babel
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-babel/babel
7
reference_url https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3
8
reference_url https://github.com/python-babel/babel/pull/782
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/python-babel/babel/pull/782
9
reference_url https://lists.debian.org/debian-lts/2021/10/msg00040.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts/2021/10/msg00040.html
10
reference_url https://lists.debian.org/debian-lts-announce/2021/10/msg00018.html
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/10/msg00018.html
11
reference_url https://www.debian.org/security/2021/dsa-5018
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-5018
12
reference_url https://www.tenable.com/security/research/tra-2021-14
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.tenable.com/security/research/tra-2021-14
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1955615
reference_id 1955615
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1955615
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987824
reference_id 987824
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987824
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-42771
reference_id CVE-2021-42771
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-42771
16
reference_url https://access.redhat.com/errata/RHSA-2021:3252
reference_id RHSA-2021:3252
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3252
17
reference_url https://access.redhat.com/errata/RHSA-2021:4151
reference_id RHSA-2021:4151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4151
18
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
19
reference_url https://access.redhat.com/errata/RHSA-2021:4201
reference_id RHSA-2021:4201
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4201
fixed_packages
aliases CVE-2021-42771, GHSA-h4m5-qpfp-3mpv, PYSEC-2021-421
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yw7e-93us-8qh8
16
url VCID-z48d-eyxz-bycq
vulnerability_id VCID-z48d-eyxz-bycq
summary Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29921.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29921
reference_id
reference_type
scores
0
value 0.02048
scoring_system epss
scoring_elements 0.83792
published_at 2026-04-01T12:55:00Z
1
value 0.02048
scoring_system epss
scoring_elements 0.8389
published_at 2026-04-16T12:55:00Z
2
value 0.02048
scoring_system epss
scoring_elements 0.83862
published_at 2026-04-12T12:55:00Z
3
value 0.02048
scoring_system epss
scoring_elements 0.83857
published_at 2026-04-13T12:55:00Z
4
value 0.02048
scoring_system epss
scoring_elements 0.83805
published_at 2026-04-02T12:55:00Z
5
value 0.02048
scoring_system epss
scoring_elements 0.83819
published_at 2026-04-04T12:55:00Z
6
value 0.02048
scoring_system epss
scoring_elements 0.83821
published_at 2026-04-07T12:55:00Z
7
value 0.02048
scoring_system epss
scoring_elements 0.83845
published_at 2026-04-08T12:55:00Z
8
value 0.02048
scoring_system epss
scoring_elements 0.83851
published_at 2026-04-09T12:55:00Z
9
value 0.02048
scoring_system epss
scoring_elements 0.83868
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29921
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1957458
reference_id 1957458
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1957458
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195
reference_id 989195
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989195
6
reference_url https://security.archlinux.org/AVG-1913
reference_id AVG-1913
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1913
7
reference_url https://access.redhat.com/errata/RHSA-2021:4160
reference_id RHSA-2021:4160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4160
8
reference_url https://access.redhat.com/errata/RHSA-2021:4162
reference_id RHSA-2021:4162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4162
9
reference_url https://usn.ubuntu.com/4973-1/
reference_id USN-4973-1
reference_type
scores
url https://usn.ubuntu.com/4973-1/
10
reference_url https://usn.ubuntu.com/4973-2/
reference_id USN-4973-2
reference_type
scores
url https://usn.ubuntu.com/4973-2/
11
reference_url https://usn.ubuntu.com/6891-1/
reference_id USN-6891-1
reference_type
scores
url https://usn.ubuntu.com/6891-1/
fixed_packages
aliases CVE-2021-29921
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z48d-eyxz-bycq
Fixing_vulnerabilities
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-python38-python-pip@19.3.1-2%3Farch=el7