Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/4420?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4420?format=api", "vulnerability_id": "VCID-ary1-cnnt-duhg", "summary": "private key recovery", "aliases": [ { "alias": "CVE-2019-5885" }, { "alias": "GHSA-jrqm-v8cv-53ww" }, { "alias": "PYSEC-2019-187" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2193?format=api", "purl": "pkg:alpm/archlinux/matrix-synapse@0.34.1.1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/matrix-synapse@0.34.1.1-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/196963?format=api", "purl": "pkg:deb/debian/matrix-synapse@0.34.1.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matrix-synapse@0.34.1.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/196956?format=api", "purl": "pkg:deb/debian/matrix-synapse@1.152.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/matrix-synapse@1.152.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/11880?format=api", "purl": "pkg:pypi/matrix-synapse@0.34.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-9wuf-2wxr-z7a8" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.34.0.1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2192?format=api", "purl": "pkg:alpm/archlinux/matrix-synapse@0.34.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ary1-cnnt-duhg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/matrix-synapse@0.34.0-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/11867?format=api", "purl": "pkg:pypi/matrix-synapse@0.33.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.33.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/11868?format=api", "purl": "pkg:pypi/matrix-synapse@0.33.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.33.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/11869?format=api", "purl": "pkg:pypi/matrix-synapse@0.33.6rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.33.6rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/11870?format=api", "purl": "pkg:pypi/matrix-synapse@0.33.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.33.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/11871?format=api", "purl": "pkg:pypi/matrix-synapse@0.33.7rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.33.7rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/11872?format=api", "purl": "pkg:pypi/matrix-synapse@0.33.7rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.33.7rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/11873?format=api", "purl": "pkg:pypi/matrix-synapse@0.33.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.33.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/11874?format=api", "purl": "pkg:pypi/matrix-synapse@0.33.8rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.33.8rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/11875?format=api", "purl": "pkg:pypi/matrix-synapse@0.33.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.33.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/11876?format=api", "purl": "pkg:pypi/matrix-synapse@0.33.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.33.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/11877?format=api", "purl": "pkg:pypi/matrix-synapse@0.34.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.34.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/11878?format=api", "purl": "pkg:pypi/matrix-synapse@0.34.0rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.34.0rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/11879?format=api", "purl": "pkg:pypi/matrix-synapse@0.34.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cxk-wn3b-jycq" }, { "vulnerability": "VCID-3stp-shy4-dudr" }, { "vulnerability": "VCID-3tbz-jcb2-4fdn" }, { "vulnerability": "VCID-43wz-3reu-s3ep" }, { "vulnerability": "VCID-5b91-nm22-5uh4" }, { "vulnerability": "VCID-5d98-hf1n-17aq" }, { "vulnerability": "VCID-5fgp-pcfw-33gk" }, { "vulnerability": "VCID-5qpz-wwr2-7uey" }, { "vulnerability": "VCID-66cm-6sgb-bqft" }, { "vulnerability": "VCID-9r6h-dqus-mbag" }, { "vulnerability": "VCID-9wuf-2wxr-z7a8" }, { "vulnerability": "VCID-arh5-tp1n-nubq" }, { "vulnerability": "VCID-ary1-cnnt-duhg" }, { "vulnerability": "VCID-cff6-n5gz-jfhe" }, { "vulnerability": "VCID-fmqv-a8qr-gqfz" }, { "vulnerability": "VCID-fzu5-7rfv-qfgx" }, { "vulnerability": "VCID-g7rm-55dm-tybk" }, { "vulnerability": "VCID-jg9y-53m4-5bb6" }, { "vulnerability": "VCID-k4kh-v8t1-wqfg" }, { "vulnerability": "VCID-k689-rvyd-e3hp" }, { "vulnerability": "VCID-mmge-uj6j-k3c2" }, { "vulnerability": "VCID-ng8b-cs3a-cqa7" }, { "vulnerability": "VCID-nmcr-v864-nkde" }, { "vulnerability": "VCID-nmup-uep4-b7hw" }, { "vulnerability": "VCID-pg5k-2upe-dudk" }, { "vulnerability": "VCID-ry9q-34p9-auh6" }, { "vulnerability": "VCID-sh81-25ty-4bgn" }, { "vulnerability": "VCID-t1ed-3zjj-eude" }, { "vulnerability": "VCID-tug1-g6m1-j3f3" }, { "vulnerability": "VCID-v54a-sjgy-b7ca" }, { "vulnerability": "VCID-vb2z-kkev-aues" }, { "vulnerability": "VCID-z5ga-q6zr-3kb5" }, { "vulnerability": "VCID-zdxd-83uy-hbad" }, { "vulnerability": "VCID-zvev-sm5c-suh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/matrix-synapse@0.34.0" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00773", "scoring_system": "epss", "scoring_elements": "0.73885", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-5885" }, { "reference_url": "https://github.com/matrix-org/synapse", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/synapse" }, { "reference_url": "https://github.com/matrix-org/synapse/blob/67f9e5293ea6650b2ec284c0b7503f3f3eade94b/docs/changelogs/CHANGES-pre-1.0.md?plain=1#L460", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/synapse/blob/67f9e5293ea6650b2ec284c0b7503f3f3eade94b/docs/changelogs/CHANGES-pre-1.0.md?plain=1#L460" }, { "reference_url": "https://github.com/matrix-org/synapse/issues/4664", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/synapse/issues/4664" }, { "reference_url": "https://github.com/matrix-org/synapse/pull/4315", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/synapse/pull/4315" }, { "reference_url": "https://github.com/matrix-org/synapse/pull/4373", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/synapse/pull/4373" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2019-187.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2019-187.yaml" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/32Y6KD3OAHCG5P33HC2QEX3NUZOSXCGZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/32Y6KD3OAHCG5P33HC2QEX3NUZOSXCGZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/32Y6KD3OAHCG5P33HC2QEX3NUZOSXCGZ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/32Y6KD3OAHCG5P33HC2QEX3NUZOSXCGZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMCLO5PUPBA756UKY72PKUWL4RRM4W6K", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMCLO5PUPBA756UKY72PKUWL4RRM4W6K" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMCLO5PUPBA756UKY72PKUWL4RRM4W6K/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMCLO5PUPBA756UKY72PKUWL4RRM4W6K/" }, { "reference_url": "https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1" }, { "reference_url": "https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/" }, { "reference_url": "https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885" }, { "reference_url": "https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885/" }, { "reference_url": "https://security.archlinux.org/ASA-201901-12", "reference_id": "ASA-201901-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201901-12" }, { "reference_url": "https://security.archlinux.org/AVG-846", "reference_id": "AVG-846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-846" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5885", "reference_id": "CVE-2019-5885", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5885" }, { "reference_url": "https://github.com/advisories/GHSA-jrqm-v8cv-53ww", "reference_id": "GHSA-jrqm-v8cv-53ww", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jrqm-v8cv-53ww" }, { "reference_url": "https://usn.ubuntu.com/6076-1/", "reference_id": "USN-6076-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6076-1/" } ], "weaknesses": [ { "cwe_id": 330, "name": "Use of Insufficiently Random Values", "description": "The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ary1-cnnt-duhg" }