{"url":"http://public2.vulnerablecode.io/api/packages/103133?format=json","purl":"pkg:rpm/redhat/kernel@3.10.0-957.56.1?arch=el7","type":"rpm","namespace":"redhat","name":"kernel","version":"3.10.0-957.56.1","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83721?format=json","vulnerability_id":"VCID-11nf-xxx4-4yfw","summary":"kernel: denial of service via ioctl call in network tun handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7191.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7191.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7191","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22142","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22363","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2231","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22161","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22149","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22539","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.2267","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22687","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22646","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22591","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22606","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22535","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22616","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22708","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22752","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7191"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7191","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7191"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716328","reference_id":"1716328","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1016","reference_id":"RHSA-2020:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1070","reference_id":"RHSA-2020:1070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2522","reference_id":"RHSA-2020:2522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2851","reference_id":"RHSA-2020:2851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2851"}],"fixed_packages":[],"aliases":["CVE-2018-7191"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11nf-xxx4-4yfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82123?format=json","vulnerability_id":"VCID-cjcd-saft-fqds","summary":"kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15916.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15916.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15916","reference_id":"","reference_type":"","scores":[{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85576","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85522","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85545","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.8555","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85546","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85568","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85578","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85484","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85504","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85512","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85527","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85525","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02605","scoring_system":"epss","scoring_elements":"0.85565","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02605","scoring_system":"epss","scoring_elements":"0.85583","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02605","scoring_system":"epss","scoring_elements":"0.85553","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15916"},{"reference_url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.1","reference_id":"","reference_type":"","scores":[],"url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.1"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15916"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=895a5e96dbd6386c8e78e5b78e067dcc67b7f0ab","reference_id":"","reference_type":"","scores":[],"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=895a5e96dbd6386c8e78e5b78e067dcc67b7f0ab"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191004-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191004-0001/"},{"reference_url":"https://support.f5.com/csp/article/K57418558?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"","reference_type":"","scores":[],"url":"https://support.f5.com/csp/article/K57418558?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1750813","reference_id":"1750813","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1750813"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15916","reference_id":"CVE-2019-15916","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15916"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3309","reference_id":"RHSA-2019:3309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3517","reference_id":"RHSA-2019:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0740","reference_id":"RHSA-2020:0740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1016","reference_id":"RHSA-2020:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1070","reference_id":"RHSA-2020:1070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2522","reference_id":"RHSA-2020:2522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2851","reference_id":"RHSA-2020:2851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2851"}],"fixed_packages":[],"aliases":["CVE-2019-15916"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cjcd-saft-fqds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81786?format=json","vulnerability_id":"VCID-f28k-7vg3-jffy","summary":"kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18660.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18660.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18660","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08179","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08236","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08291","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08241","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08306","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08323","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08315","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08294","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08278","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0817","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08157","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08321","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08296","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08256","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08222","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18660"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18660","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18660"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1777825","reference_id":"1777825","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1777825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0174","reference_id":"RHSA-2020:0174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1016","reference_id":"RHSA-2020:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1372","reference_id":"RHSA-2020:1372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1984","reference_id":"RHSA-2020:1984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2429","reference_id":"RHSA-2020:2429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2851","reference_id":"RHSA-2020:2851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2933","reference_id":"RHSA-2020:2933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2933"},{"reference_url":"https://usn.ubuntu.com/4225-1/","reference_id":"USN-4225-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4225-1/"},{"reference_url":"https://usn.ubuntu.com/4225-2/","reference_id":"USN-4225-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4225-2/"},{"reference_url":"https://usn.ubuntu.com/4226-1/","reference_id":"USN-4226-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4226-1/"},{"reference_url":"https://usn.ubuntu.com/4227-1/","reference_id":"USN-4227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4227-1/"},{"reference_url":"https://usn.ubuntu.com/4227-2/","reference_id":"USN-4227-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4227-2/"},{"reference_url":"https://usn.ubuntu.com/4228-1/","reference_id":"USN-4228-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4228-1/"},{"reference_url":"https://usn.ubuntu.com/4228-2/","reference_id":"USN-4228-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4228-2/"}],"fixed_packages":[],"aliases":["CVE-2019-18660"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f28k-7vg3-jffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85203?format=json","vulnerability_id":"VCID-fb43-v8p6-wqbb","summary":"kernel: perf_event_open() and execve() race in setuid programs allows a data leak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3901.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3901.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3901","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20974","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21129","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21183","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20896","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20977","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21038","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2101","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20958","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20946","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20926","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20796","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20791","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20759","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3901"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1701245","reference_id":"1701245","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1701245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1016","reference_id":"RHSA-2020:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1070","reference_id":"RHSA-2020:1070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2522","reference_id":"RHSA-2020:2522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2851","reference_id":"RHSA-2020:2851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2851"}],"fixed_packages":[],"aliases":["CVE-2019-3901"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fb43-v8p6-wqbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81313?format=json","vulnerability_id":"VCID-frc9-2j9d-suha","summary":"Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12888.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12888.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12888","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26546","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26597","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26641","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26426","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26496","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26545","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26551","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26505","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26448","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26454","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26425","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26389","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26325","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26318","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26266","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12888"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12888","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12888"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1836244","reference_id":"1836244","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1836244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2664","reference_id":"RHSA-2020:2664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2665","reference_id":"RHSA-2020:2665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2831","reference_id":"RHSA-2020:2831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2832","reference_id":"RHSA-2020:2832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2851","reference_id":"RHSA-2020:2851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2854","reference_id":"RHSA-2020:2854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3010","reference_id":"RHSA-2020:3010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3016","reference_id":"RHSA-2020:3016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3019","reference_id":"RHSA-2020:3019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3041","reference_id":"RHSA-2020:3041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3222","reference_id":"RHSA-2020:3222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3230","reference_id":"RHSA-2020:3230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3230"},{"reference_url":"https://usn.ubuntu.com/4525-1/","reference_id":"USN-4525-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4525-1/"},{"reference_url":"https://usn.ubuntu.com/4526-1/","reference_id":"USN-4526-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4526-1/"},{"reference_url":"https://usn.ubuntu.com/5361-1/","reference_id":"USN-5361-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5361-1/"}],"fixed_packages":[],"aliases":["CVE-2020-12888"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frc9-2j9d-suha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82435?format=json","vulnerability_id":"VCID-hmp6-1pt2-3udk","summary":"kernel: use-after-free in arch/x86/lib/insn-eval.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13233.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13233.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13233","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16319","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16471","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16365","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16363","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17025","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16896","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16954","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16928","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16882","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16824","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16758","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16764","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16801","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16969","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13233"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13233"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13631","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13648","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13648"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1999"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727756","reference_id":"1727756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3309","reference_id":"RHSA-2019:3309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3517","reference_id":"RHSA-2019:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1016","reference_id":"RHSA-2020:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1070","reference_id":"RHSA-2020:1070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2522","reference_id":"RHSA-2020:2522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2851","reference_id":"RHSA-2020:2851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2851"},{"reference_url":"https://usn.ubuntu.com/4093-1/","reference_id":"USN-4093-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4093-1/"},{"reference_url":"https://usn.ubuntu.com/4094-1/","reference_id":"USN-4094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4094-1/"},{"reference_url":"https://usn.ubuntu.com/4117-1/","reference_id":"USN-4117-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4117-1/"},{"reference_url":"https://usn.ubuntu.com/4118-1/","reference_id":"USN-4118-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4118-1/"}],"fixed_packages":[],"aliases":["CVE-2019-13233"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hmp6-1pt2-3udk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79240?format=json","vulnerability_id":"VCID-kecy-99uv-fqdy","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14821.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14821.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14821","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23799","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23839","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23615","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23685","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23731","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23683","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28612","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28499","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28425","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28873","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28828","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28779","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28798","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28775","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28726","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15902"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1746708","reference_id":"1746708","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1746708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3309","reference_id":"RHSA-2019:3309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3517","reference_id":"RHSA-2019:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3978","reference_id":"RHSA-2019:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3979","reference_id":"RHSA-2019:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4154","reference_id":"RHSA-2019:4154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4256","reference_id":"RHSA-2019:4256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0027","reference_id":"RHSA-2020:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0204","reference_id":"RHSA-2020:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2851","reference_id":"RHSA-2020:2851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2851"},{"reference_url":"https://usn.ubuntu.com/4157-1/","reference_id":"USN-4157-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4157-1/"},{"reference_url":"https://usn.ubuntu.com/4157-2/","reference_id":"USN-4157-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4157-2/"},{"reference_url":"https://usn.ubuntu.com/4162-1/","reference_id":"USN-4162-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4162-1/"},{"reference_url":"https://usn.ubuntu.com/4162-2/","reference_id":"USN-4162-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4162-2/"},{"reference_url":"https://usn.ubuntu.com/4163-1/","reference_id":"USN-4163-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4163-1/"},{"reference_url":"https://usn.ubuntu.com/4163-2/","reference_id":"USN-4163-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4163-2/"}],"fixed_packages":[],"aliases":["CVE-2019-14821"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kecy-99uv-fqdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82957?format=json","vulnerability_id":"VCID-uss1-mjb5-fqb4","summary":"kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20169.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20169.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20169","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.2919","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29079","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29142","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29184","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29143","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29534","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.2965","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29601","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.31351","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.31384","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.31364","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.31335","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.31043","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30965","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.31165","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20169"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660385","reference_id":"1660385","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3309","reference_id":"RHSA-2019:3309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3517","reference_id":"RHSA-2019:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1016","reference_id":"RHSA-2020:1016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1070","reference_id":"RHSA-2020:1070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2522","reference_id":"RHSA-2020:2522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2770","reference_id":"RHSA-2020:2770","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2777","reference_id":"RHSA-2020:2777","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2777"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2851","reference_id":"RHSA-2020:2851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2851"},{"reference_url":"https://usn.ubuntu.com/3879-1/","reference_id":"USN-3879-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3879-1/"},{"reference_url":"https://usn.ubuntu.com/3879-2/","reference_id":"USN-3879-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3879-2/"},{"reference_url":"https://usn.ubuntu.com/4094-1/","reference_id":"USN-4094-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4094-1/"},{"reference_url":"https://usn.ubuntu.com/4118-1/","reference_id":"USN-4118-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4118-1/"}],"fixed_packages":[],"aliases":["CVE-2018-20169"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uss1-mjb5-fqb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82594?format=json","vulnerability_id":"VCID-wmsp-63rg-yyeu","summary":"kernel: Count overflow in FUSE request leading to use-after-free issues.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11487.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11487.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11487","reference_id":"","reference_type":"","scores":[{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.3009","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30175","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29989","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30049","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30084","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30089","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30044","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29995","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.3001","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.2999","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29945","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29872","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29758","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29694","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11487"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1703063","reference_id":"1703063","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1703063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2703","reference_id":"RHSA-2019:2703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2741","reference_id":"RHSA-2019:2741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0174","reference_id":"RHSA-2020:0174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0834","reference_id":"RHSA-2020:0834","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0834"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0839","reference_id":"RHSA-2020:0839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2851","reference_id":"RHSA-2020:2851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3230","reference_id":"RHSA-2020:3230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3266","reference_id":"RHSA-2020:3266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4182","reference_id":"RHSA-2020:4182","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4182"},{"reference_url":"https://usn.ubuntu.com/4069-1/","reference_id":"USN-4069-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4069-1/"},{"reference_url":"https://usn.ubuntu.com/4069-2/","reference_id":"USN-4069-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4069-2/"},{"reference_url":"https://usn.ubuntu.com/4115-1/","reference_id":"USN-4115-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4115-1/"},{"reference_url":"https://usn.ubuntu.com/4118-1/","reference_id":"USN-4118-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4118-1/"},{"reference_url":"https://usn.ubuntu.com/4145-1/","reference_id":"USN-4145-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4145-1/"}],"fixed_packages":[],"aliases":["CVE-2019-11487"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wmsp-63rg-yyeu"}],"fixing_vulnerabilities":[],"risk_score":"3.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@3.10.0-957.56.1%3Farch=el7"}