{"url":"http://public2.vulnerablecode.io/api/packages/1035670?format=json","purl":"pkg:deb/debian/libgcrypt20@1.6.3-2","type":"deb","namespace":"debian","name":"libgcrypt20","version":"1.6.3-2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.11.2-3","latest_non_vulnerable_version":"1.12.2-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63494?format=json","vulnerability_id":"VCID-1ac2-kwet-r7bd","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0379.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0379.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-0379","reference_id":"","reference_type":"","scores":[{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.82967","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83152","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83094","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83102","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83109","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83132","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.82983","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.82996","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.82993","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83018","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83025","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83041","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83034","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.8303","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83068","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01856","scoring_system":"epss","scoring_elements":"0.83071","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-0379"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0379","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0379"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1485921","reference_id":"1485921","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1485921"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873383","reference_id":"873383","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873383"},{"reference_url":"https://security.archlinux.org/ASA-201709-13","reference_id":"ASA-201709-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201709-13"},{"reference_url":"https://security.archlinux.org/ASA-201709-14","reference_id":"ASA-201709-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201709-14"},{"reference_url":"https://security.archlinux.org/AVG-402","reference_id":"AVG-402","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-402"},{"reference_url":"https://security.archlinux.org/AVG-403","reference_id":"AVG-403","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-403"},{"reference_url":"https://usn.ubuntu.com/3417-1/","reference_id":"USN-3417-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3417-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037108?format=json","purl":"pkg:deb/debian/libgcrypt20@1.7.6-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ac2-kwet-r7bd"},{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-2rew-mg3z-4bhj"},{"vulnerability":"VCID-p7s2-dsa1-17fn"},{"vulnerability":"VCID-xcyv-byj5-8fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.7.6-2%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1049327?format=json","purl":"pkg:deb/debian/libgcrypt20@1.8.4-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-p7s2-dsa1-17fn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.8.4-5"}],"aliases":["CVE-2017-0379"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ac2-kwet-r7bd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48282?format=json","vulnerability_id":"VCID-29jz-apk5-kbfa","summary":"A vulnerability in Libgcrypt could allow a local attacker to\n    recover sensitive information.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13627.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13627.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13627","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11742","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11663","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1176","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11728","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11689","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11611","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11526","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11862","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11906","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11693","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11778","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11831","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11841","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11802","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11775","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11639","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html"},{"reference_url":"https://minerva.crocs.fi.muni.cz/","reference_id":"","reference_type":"","scores":[],"url":"https://minerva.crocs.fi.muni.cz/"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2019-13627","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2019-13627"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/02/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/02/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764018","reference_id":"1764018","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764018"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938938","reference_id":"938938","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=938938"},{"reference_url":"https://security.archlinux.org/AVG-1044","reference_id":"AVG-1044","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1044"},{"reference_url":"https://security.archlinux.org/AVG-1045","reference_id":"AVG-1045","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1045"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgcrypt20_project:libgcrypt20:1.6.3-2\\+deb8u4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libgcrypt20_project:libgcrypt20:1.6.3-2\\+deb8u4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgcrypt20_project:libgcrypt20:1.6.3-2\\+deb8u4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgcrypt20_project:libgcrypt20:1.7.6-2\\+deb9u3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libgcrypt20_project:libgcrypt20:1.7.6-2\\+deb9u3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgcrypt20_project:libgcrypt20:1.7.6-2\\+deb9u3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgcrypt20_project:libgcrypt20:1.8.4-5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libgcrypt20_project:libgcrypt20:1.8.4-5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgcrypt20_project:libgcrypt20:1.8.4-5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13627","reference_id":"CVE-2019-13627","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:P/A:N"},{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13627"},{"reference_url":"https://security.gentoo.org/glsa/202003-32","reference_id":"GLSA-202003-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4482","reference_id":"RHSA-2020:4482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4482"},{"reference_url":"https://usn.ubuntu.com/4236-1/","reference_id":"USN-4236-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4236-1/"},{"reference_url":"https://usn.ubuntu.com/4236-2/","reference_id":"USN-4236-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4236-2/"},{"reference_url":"https://usn.ubuntu.com/4236-3/","reference_id":"USN-4236-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4236-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049329?format=json","purl":"pkg:deb/debian/libgcrypt20@1.8.7-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qxvk-tsv9-9bf3"},{"vulnerability":"VCID-ym4a-3eek-9qch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.8.7-6"}],"aliases":["CVE-2019-13627"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29jz-apk5-kbfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73024?format=json","vulnerability_id":"VCID-2rew-mg3z-4bhj","summary":"security update","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3505","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1543","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1543"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0495.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0495.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0495","reference_id":"","reference_type":"","scores":[{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.4984","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49838","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49901","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49907","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49861","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49779","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49877","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49906","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49856","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49911","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49904","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49922","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49894","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49895","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49941","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49914","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495"},{"reference_url":"https://dev.gnupg.org/T4011","reference_id":"","reference_type":"","scores":[],"url":"https://dev.gnupg.org/T4011"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=9010d1576e278a4274ad3f4aa15776c28f6ba965","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=9010d1576e278a4274ad3f4aa15776c28f6ba965"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/06/msg00013.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/06/msg00013.html"},{"reference_url":"https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000426.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000426.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4231","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4231"},{"reference_url":"https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/","reference_id":"","reference_type":"","scores":[],"url":"https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"reference_url":"http://www.securitytracker.com/id/1041144","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041144"},{"reference_url":"http://www.securitytracker.com/id/1041147","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041147"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591163","reference_id":"1591163","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591163"},{"reference_url":"https://security.archlinux.org/ASA-201806-10","reference_id":"ASA-201806-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-10"},{"reference_url":"https://security.archlinux.org/AVG-719","reference_id":"AVG-719","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-719"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:traffic_director:11.1.1.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:traffic_director:11.1.1.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:traffic_director:11.1.1.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0495","reference_id":"CVE-2018-0495","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:N/A:N"},{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3221","reference_id":"RHSA-2018:3221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1296","reference_id":"RHSA-2019:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1297","reference_id":"RHSA-2019:1297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2237","reference_id":"RHSA-2019:2237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1267","reference_id":"RHSA-2020:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1345","reference_id":"RHSA-2020:1345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1461","reference_id":"RHSA-2020:1461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1461"},{"reference_url":"https://usn.ubuntu.com/3689-1/","reference_id":"USN-3689-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3689-1/"},{"reference_url":"https://usn.ubuntu.com/3689-2/","reference_id":"USN-3689-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3689-2/"},{"reference_url":"https://usn.ubuntu.com/3692-1/","reference_id":"USN-3692-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3692-1/"},{"reference_url":"https://usn.ubuntu.com/3692-2/","reference_id":"USN-3692-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3692-2/"},{"reference_url":"https://usn.ubuntu.com/3850-1/","reference_id":"USN-3850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3850-1/"},{"reference_url":"https://usn.ubuntu.com/3850-2/","reference_id":"USN-3850-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3850-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037108?format=json","purl":"pkg:deb/debian/libgcrypt20@1.7.6-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ac2-kwet-r7bd"},{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-2rew-mg3z-4bhj"},{"vulnerability":"VCID-p7s2-dsa1-17fn"},{"vulnerability":"VCID-xcyv-byj5-8fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.7.6-2%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1049327?format=json","purl":"pkg:deb/debian/libgcrypt20@1.8.4-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-p7s2-dsa1-17fn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.8.4-5"}],"aliases":["CVE-2018-0495"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2rew-mg3z-4bhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84276?format=json","vulnerability_id":"VCID-3c5z-xcqj-nfea","summary":"libgcrypt: Possible timing attack on EdDSA session key","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9526.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9526.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9526","reference_id":"","reference_type":"","scores":[{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70802","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70978","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70956","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70938","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70817","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70835","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.7081","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70854","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70869","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70892","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70877","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70861","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70907","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70914","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70893","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70948","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70958","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9526"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:P/A:N"},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459887","reference_id":"1459887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459887"},{"reference_url":"https://usn.ubuntu.com/3347-1/","reference_id":"USN-3347-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3347-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035671?format=json","purl":"pkg:deb/debian/libgcrypt20@1.6.3-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ac2-kwet-r7bd"},{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-2rew-mg3z-4bhj"},{"vulnerability":"VCID-3c5z-xcqj-nfea"},{"vulnerability":"VCID-5tpu-zawb-f3as"},{"vulnerability":"VCID-cbwg-mywq-y7af"},{"vulnerability":"VCID-p7s2-dsa1-17fn"},{"vulnerability":"VCID-xcyv-byj5-8fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.6.3-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037107?format=json","purl":"pkg:deb/debian/libgcrypt20@1.7.6-2%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ac2-kwet-r7bd"},{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-2rew-mg3z-4bhj"},{"vulnerability":"VCID-p7s2-dsa1-17fn"},{"vulnerability":"VCID-xcyv-byj5-8fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.7.6-2%252Bdeb9u1"}],"aliases":["CVE-2017-9526"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3c5z-xcqj-nfea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36362?format=json","vulnerability_id":"VCID-5tpu-zawb-f3as","summary":"Due to a design flaw, the output of GnuPG's Random Number Generator\n    (RNG) is predictable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6313.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6313.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6313","reference_id":"","reference_type":"","scores":[{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86905","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86915","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86934","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86927","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86948","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86955","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86969","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86964","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86958","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86973","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86977","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86975","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86994","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.86999","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.87001","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.87021","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03177","scoring_system":"epss","scoring_elements":"0.87038","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6313"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1366105","reference_id":"1366105","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1366105"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834894","reference_id":"834894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834894"},{"reference_url":"https://security.gentoo.org/glsa/201610-04","reference_id":"GLSA-201610-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-04"},{"reference_url":"https://security.gentoo.org/glsa/201612-01","reference_id":"GLSA-201612-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2674","reference_id":"RHSA-2016:2674","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2674"},{"reference_url":"https://usn.ubuntu.com/3064-1/","reference_id":"USN-3064-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3064-1/"},{"reference_url":"https://usn.ubuntu.com/3065-1/","reference_id":"USN-3065-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3065-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035671?format=json","purl":"pkg:deb/debian/libgcrypt20@1.6.3-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ac2-kwet-r7bd"},{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-2rew-mg3z-4bhj"},{"vulnerability":"VCID-3c5z-xcqj-nfea"},{"vulnerability":"VCID-5tpu-zawb-f3as"},{"vulnerability":"VCID-cbwg-mywq-y7af"},{"vulnerability":"VCID-p7s2-dsa1-17fn"},{"vulnerability":"VCID-xcyv-byj5-8fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.6.3-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037106?format=json","purl":"pkg:deb/debian/libgcrypt20@1.7.6-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ac2-kwet-r7bd"},{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-2rew-mg3z-4bhj"},{"vulnerability":"VCID-3c5z-xcqj-nfea"},{"vulnerability":"VCID-p7s2-dsa1-17fn"},{"vulnerability":"VCID-xcyv-byj5-8fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.7.6-1~bpo8%252B1"}],"aliases":["CVE-2016-6313"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5tpu-zawb-f3as"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47197?format=json","vulnerability_id":"VCID-cbwg-mywq-y7af","summary":"Multiple vulnerabilities have been fixed in libgcrypt,the worst of\n    which results in predictable output from the random number generator.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00027.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7511.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7511.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7511","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1505","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15057","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14927","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15192","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15231","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.153","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15103","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15191","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15243","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15213","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15174","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1511","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15012","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15021","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15073","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15111","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15115","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7511"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2IL4PAEICHGA2XMQYRY3MIWHM4GMPAG/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2IL4PAEICHGA2XMQYRY3MIWHM4GMPAG/"},{"reference_url":"https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html"},{"reference_url":"http://www.cs.tau.ac.IL/~tromer/ecdh/","reference_id":"","reference_type":"","scores":[],"url":"http://www.cs.tau.ac.IL/~tromer/ecdh/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3474","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3474"},{"reference_url":"http://www.debian.org/security/2016/dsa-3478","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3478"},{"reference_url":"http://www.securityfocus.com/bid/83253","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/83253"},{"reference_url":"http://www.ubuntu.com/usn/USN-2896-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2896-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1306184","reference_id":"1306184","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1306184"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7511","reference_id":"CVE-2015-7511","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:N/A:N"},{"value":"2.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7511"},{"reference_url":"https://security.gentoo.org/glsa/201610-04","reference_id":"GLSA-201610-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-04"},{"reference_url":"https://usn.ubuntu.com/2896-1/","reference_id":"USN-2896-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2896-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035671?format=json","purl":"pkg:deb/debian/libgcrypt20@1.6.3-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ac2-kwet-r7bd"},{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-2rew-mg3z-4bhj"},{"vulnerability":"VCID-3c5z-xcqj-nfea"},{"vulnerability":"VCID-5tpu-zawb-f3as"},{"vulnerability":"VCID-cbwg-mywq-y7af"},{"vulnerability":"VCID-p7s2-dsa1-17fn"},{"vulnerability":"VCID-xcyv-byj5-8fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.6.3-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037106?format=json","purl":"pkg:deb/debian/libgcrypt20@1.7.6-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ac2-kwet-r7bd"},{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-2rew-mg3z-4bhj"},{"vulnerability":"VCID-3c5z-xcqj-nfea"},{"vulnerability":"VCID-p7s2-dsa1-17fn"},{"vulnerability":"VCID-xcyv-byj5-8fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.7.6-1~bpo8%252B1"}],"aliases":["CVE-2015-7511"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cbwg-mywq-y7af"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60158?format=json","vulnerability_id":"VCID-p7s2-dsa1-17fn","summary":"Multiple vulnerabilities have been found in libgcrypt, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40528.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40528.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40528","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26859","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.269","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26487","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2684","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26843","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26798","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26741","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26749","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26721","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26685","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26629","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26622","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2655","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26417","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26935","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26723","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26792","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2002816","reference_id":"2002816","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2002816"},{"reference_url":"https://eprint.iacr.org/2021/923","reference_id":"923","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:12:20Z/"}],"url":"https://eprint.iacr.org/2021/923"},{"reference_url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=3462280f2e23e16adf3ed5176e0f2413d8861320","reference_id":"gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=3462280f2e23e16adf3ed5176e0f2413d8861320","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:12:20Z/"}],"url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=3462280f2e23e16adf3ed5176e0f2413d8861320"},{"reference_url":"https://security.gentoo.org/glsa/202210-13","reference_id":"GLSA-202210-13","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:12:20Z/"}],"url":"https://security.gentoo.org/glsa/202210-13"},{"reference_url":"https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1","reference_id":"insecurity-elgamal-pt1","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:12:20Z/"}],"url":"https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1"},{"reference_url":"https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2","reference_id":"insecurity-elgamal-pt2","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:12:20Z/"}],"url":"https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5311","reference_id":"RHSA-2022:5311","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5311"},{"reference_url":"https://usn.ubuntu.com/5080-1/","reference_id":"USN-5080-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5080-1/"},{"reference_url":"https://usn.ubuntu.com/5080-2/","reference_id":"USN-5080-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5080-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049329?format=json","purl":"pkg:deb/debian/libgcrypt20@1.8.7-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qxvk-tsv9-9bf3"},{"vulnerability":"VCID-ym4a-3eek-9qch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.8.7-6"}],"aliases":["CVE-2021-40528"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p7s2-dsa1-17fn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72570?format=json","vulnerability_id":"VCID-xcyv-byj5-8fb3","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7526.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7526.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7526","reference_id":"","reference_type":"","scores":[{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85461","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85474","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85491","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85495","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85515","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85524","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85538","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85537","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85533","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85556","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85562","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85589","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85606","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02567","scoring_system":"epss","scoring_elements":"0.85628","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02636","scoring_system":"epss","scoring_elements":"0.85744","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02636","scoring_system":"epss","scoring_elements":"0.85721","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:N/A:N"},{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html","reference_id":"000408.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html"},{"reference_url":"http://www.securitytracker.com/id/1038915","reference_id":"1038915","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"http://www.securitytracker.com/id/1038915"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466265","reference_id":"1466265","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466265"},{"reference_url":"https://eprint.iacr.org/2017/627","reference_id":"627","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"https://eprint.iacr.org/2017/627"},{"reference_url":"http://www.securityfocus.com/bid/99338","reference_id":"99338","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"http://www.securityfocus.com/bid/99338"},{"reference_url":"https://security.archlinux.org/ASA-201707-1","reference_id":"ASA-201707-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-1"},{"reference_url":"https://security.archlinux.org/AVG-338","reference_id":"AVG-338","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-338"},{"reference_url":"https://www.debian.org/security/2017/dsa-3901","reference_id":"dsa-3901","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"https://www.debian.org/security/2017/dsa-3901"},{"reference_url":"https://www.debian.org/security/2017/dsa-3960","reference_id":"dsa-3960","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"https://www.debian.org/security/2017/dsa-3960"},{"reference_url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=78130828e9a140a9de4dafadbc844dbb64cb709a","reference_id":"gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=78130828e9a140a9de4dafadbc844dbb64cb709a","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=78130828e9a140a9de4dafadbc844dbb64cb709a"},{"reference_url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=8725c99ffa41778f382ca97233183bcd687bb0ce","reference_id":"gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=8725c99ffa41778f382ca97233183bcd687bb0ce","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=8725c99ffa41778f382ca97233183bcd687bb0ce"},{"reference_url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=e6a3dc9900433bbc8ad362a595a3837318c28fa9","reference_id":"gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=e6a3dc9900433bbc8ad362a595a3837318c28fa9","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git%3Ba=commit%3Bh=e6a3dc9900433bbc8ad362a595a3837318c28fa9"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7526","reference_id":"show_bug.cgi?id=CVE-2017-7526","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7526"},{"reference_url":"https://usn.ubuntu.com/3347-1/","reference_id":"USN-3347-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3347-1/"},{"reference_url":"https://usn.ubuntu.com/3347-2/","reference_id":"USN-3347-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3347-2/"},{"reference_url":"https://usn.ubuntu.com/3733-1/","reference_id":"USN-3733-1","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"https://usn.ubuntu.com/3733-1/"},{"reference_url":"https://usn.ubuntu.com/3733-2/","reference_id":"USN-3733-2","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:06:07Z/"}],"url":"https://usn.ubuntu.com/3733-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035671?format=json","purl":"pkg:deb/debian/libgcrypt20@1.6.3-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ac2-kwet-r7bd"},{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-2rew-mg3z-4bhj"},{"vulnerability":"VCID-3c5z-xcqj-nfea"},{"vulnerability":"VCID-5tpu-zawb-f3as"},{"vulnerability":"VCID-cbwg-mywq-y7af"},{"vulnerability":"VCID-p7s2-dsa1-17fn"},{"vulnerability":"VCID-xcyv-byj5-8fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.6.3-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037107?format=json","purl":"pkg:deb/debian/libgcrypt20@1.7.6-2%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ac2-kwet-r7bd"},{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-2rew-mg3z-4bhj"},{"vulnerability":"VCID-p7s2-dsa1-17fn"},{"vulnerability":"VCID-xcyv-byj5-8fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.7.6-2%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049327?format=json","purl":"pkg:deb/debian/libgcrypt20@1.8.4-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29jz-apk5-kbfa"},{"vulnerability":"VCID-p7s2-dsa1-17fn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.8.4-5"}],"aliases":["CVE-2017-7526"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xcyv-byj5-8fb3"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgcrypt20@1.6.3-2"}