{"url":"http://public2.vulnerablecode.io/api/packages/100679?format=json","purl":"pkg:rpm/redhat/rust-toolset-1.52@1.52.1-1?arch=el7_9","type":"rpm","namespace":"redhat","name":"rust-toolset-1.52","version":"1.52.1-1","qualifiers":{"arch":"el7_9"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31468?format=json","vulnerability_id":"VCID-4khp-kevq-xff5","summary":"Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28875.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28875.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28875","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61571","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61842","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61773","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61828","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61645","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61676","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61647","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61695","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61711","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61732","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.6172","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.617","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61742","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61747","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.6173","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61724","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61741","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61733","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61678","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61788","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.61744","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28875"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949194","reference_id":"1949194","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949194"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986803","reference_id":"986803","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986803"},{"reference_url":"https://security.archlinux.org/AVG-1803","reference_id":"AVG-1803","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1803"},{"reference_url":"https://security.gentoo.org/glsa/202210-09","reference_id":"GLSA-202210-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3042","reference_id":"RHSA-2021:3042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3063","reference_id":"RHSA-2021:3063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3063"}],"fixed_packages":[],"aliases":["CVE-2021-28875"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4khp-kevq-xff5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31469?format=json","vulnerability_id":"VCID-7ap9-xghv-dbdy","summary":"Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28876.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28876.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28876","reference_id":"","reference_type":"","scores":[{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61752","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62021","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61952","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62006","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61826","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61857","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61827","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61876","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61892","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61913","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61901","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61881","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61924","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61929","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61912","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61908","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61926","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61918","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61862","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.6191","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61971","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61925","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28876"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949198","reference_id":"1949198","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949198"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986803","reference_id":"986803","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986803"},{"reference_url":"https://security.archlinux.org/AVG-1801","reference_id":"AVG-1801","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1801"},{"reference_url":"https://security.gentoo.org/glsa/202210-09","reference_id":"GLSA-202210-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3042","reference_id":"RHSA-2021:3042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3063","reference_id":"RHSA-2021:3063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3063"}],"fixed_packages":[],"aliases":["CVE-2021-28876"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ap9-xghv-dbdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31474?format=json","vulnerability_id":"VCID-d8yv-ngej-1kf7","summary":"Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31162.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31162.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31162","reference_id":"","reference_type":"","scores":[{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72765","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.73006","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72946","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72998","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72773","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72793","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72769","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72822","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72846","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72821","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72862","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72873","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72864","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72905","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72915","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72913","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72908","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72934","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72959","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72922","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31162"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1950398","reference_id":"1950398","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1950398"},{"reference_url":"https://security.archlinux.org/AVG-1801","reference_id":"AVG-1801","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1801"},{"reference_url":"https://security.gentoo.org/glsa/202210-09","reference_id":"GLSA-202210-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3042","reference_id":"RHSA-2021:3042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3063","reference_id":"RHSA-2021:3063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3063"}],"fixed_packages":[],"aliases":["CVE-2021-31162"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d8yv-ngej-1kf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31470?format=json","vulnerability_id":"VCID-fu46-5dhv-ckdt","summary":"Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28877.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28877.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28877","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50792","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50913","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50825","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50901","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50847","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50873","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50831","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50888","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50886","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50928","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50907","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.5089","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50934","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50914","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50862","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.5087","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.5083","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50755","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50808","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50839","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50794","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28877"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949204","reference_id":"1949204","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949204"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986803","reference_id":"986803","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986803"},{"reference_url":"https://security.archlinux.org/AVG-1802","reference_id":"AVG-1802","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1802"},{"reference_url":"https://security.gentoo.org/glsa/202210-09","reference_id":"GLSA-202210-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3042","reference_id":"RHSA-2021:3042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3063","reference_id":"RHSA-2021:3063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3063"}],"fixed_packages":[],"aliases":["CVE-2021-28877"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fu46-5dhv-ckdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31472?format=json","vulnerability_id":"VCID-pbjz-th4w-tqgb","summary":"Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28879.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28879.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28879","reference_id":"","reference_type":"","scores":[{"value":"0.011","scoring_system":"epss","scoring_elements":"0.77984","published_at":"2026-04-01T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78243","published_at":"2026-05-15T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78186","published_at":"2026-05-12T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78229","published_at":"2026-05-14T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.77992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78022","published_at":"2026-04-04T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.7803","published_at":"2026-04-08T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78035","published_at":"2026-04-09T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78061","published_at":"2026-04-11T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78044","published_at":"2026-04-12T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78041","published_at":"2026-04-13T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78077","published_at":"2026-04-16T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78075","published_at":"2026-04-18T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78069","published_at":"2026-04-21T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78102","published_at":"2026-04-24T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78109","published_at":"2026-04-26T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78134","published_at":"2026-05-05T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.7816","published_at":"2026-05-07T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78177","published_at":"2026-05-09T12:55:00Z"},{"value":"0.011","scoring_system":"epss","scoring_elements":"0.78167","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28879"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28879","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28879"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949211","reference_id":"1949211","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949211"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986803","reference_id":"986803","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986803"},{"reference_url":"https://security.archlinux.org/AVG-1801","reference_id":"AVG-1801","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1801"},{"reference_url":"https://security.gentoo.org/glsa/202210-09","reference_id":"GLSA-202210-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3042","reference_id":"RHSA-2021:3042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3063","reference_id":"RHSA-2021:3063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3063"}],"fixed_packages":[],"aliases":["CVE-2021-28879"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbjz-th4w-tqgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31471?format=json","vulnerability_id":"VCID-pvm9-wtbx-1ubx","summary":"Multiple vulnerabilities have been discovered in Rust, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28878.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28878.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28878","reference_id":"","reference_type":"","scores":[{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77065","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77338","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77277","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77324","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77071","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.771","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77082","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77115","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77124","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77152","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77131","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77126","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77167","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77169","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77161","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77195","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77202","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77216","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77221","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.7725","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77271","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.7726","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28878"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28878","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28878"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949207","reference_id":"1949207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949207"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986803","reference_id":"986803","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986803"},{"reference_url":"https://security.archlinux.org/AVG-1801","reference_id":"AVG-1801","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1801"},{"reference_url":"https://security.gentoo.org/glsa/202210-09","reference_id":"GLSA-202210-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3042","reference_id":"RHSA-2021:3042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3063","reference_id":"RHSA-2021:3063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3063"}],"fixed_packages":[],"aliases":["CVE-2021-28878"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pvm9-wtbx-1ubx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80677?format=json","vulnerability_id":"VCID-wpe1-jr23-duhh","summary":"rust: optimization for joining strings can cause uninitialized bytes to be exposed","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36323.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36323.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36323","reference_id":"","reference_type":"","scores":[{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72059","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72288","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72223","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72281","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72065","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72086","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72062","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72099","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72111","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72134","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72118","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72104","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72145","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72152","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72138","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72182","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72191","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72186","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72177","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72207","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72234","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.72196","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36323"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1950396","reference_id":"1950396","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1950396"},{"reference_url":"https://security.archlinux.org/AVG-1801","reference_id":"AVG-1801","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3042","reference_id":"RHSA-2021:3042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3063","reference_id":"RHSA-2021:3063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3063"}],"fixed_packages":[],"aliases":["CVE-2020-36323"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wpe1-jr23-duhh"}],"fixing_vulnerabilities":[],"risk_score":"4.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rust-toolset-1.52@1.52.1-1%3Farch=el7_9"}