{"url":"http://public2.vulnerablecode.io/api/packages/1037261?format=json","purl":"pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2","type":"deb","namespace":"debian","name":"libvpx","version":"1.6.1-3+deb9u2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.12.0-1+deb12u4","latest_non_vulnerable_version":"1.12.0-1+deb12u4","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47983?format=json","vulnerability_id":"VCID-59n6-fj5x-33gn","summary":"Multiple vulnerabilities have been found in libvpx, the worst of\n    which could result in the execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9232.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9232.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9232","reference_id":"","reference_type":"","scores":[{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92699","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92819","published_at":"2026-05-14T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92783","published_at":"2026-05-09T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92788","published_at":"2026-05-11T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92794","published_at":"2026-05-12T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92706","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92711","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92721","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92726","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92731","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.9273","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92742","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92747","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92754","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92749","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92758","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92771","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"},{"reference_url":"https://seclists.org/bugtraq/2019/Nov/43","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Nov/43"},{"reference_url":"https://source.android.com/security/bulletin/android-10","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/android-10"},{"reference_url":"https://www.debian.org/security/2019/dsa-4578","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4578"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/25/17","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/25/17"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/27/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/27/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/07/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/11/07/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788966","reference_id":"1788966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788966"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9232","reference_id":"CVE-2019-9232","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9232"},{"reference_url":"https://security.gentoo.org/glsa/202003-59","reference_id":"GLSA-202003-59","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-59"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3876","reference_id":"RHSA-2020:3876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4629","reference_id":"RHSA-2020:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4629"},{"reference_url":"https://usn.ubuntu.com/4199-1/","reference_id":"USN-4199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-1/"},{"reference_url":"https://usn.ubuntu.com/4199-2/","reference_id":"USN-4199-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038071?format=json","purl":"pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2019-9232"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-59n6-fj5x-33gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81534?format=json","vulnerability_id":"VCID-7s5h-zrax-hkcv","summary":"libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0034.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0034.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-0034","reference_id":"","reference_type":"","scores":[{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89088","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.8924","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89214","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89211","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.8922","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89097","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89112","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89114","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89132","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89137","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89148","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89144","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89142","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89155","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89152","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89169","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89174","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89178","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89187","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0451","scoring_system":"epss","scoring_elements":"0.89203","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-0034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0034"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00024.html"},{"reference_url":"https://source.android.com/security/bulletin/2020-03-01","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/2020-03-01"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1813000","reference_id":"1813000","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1813000"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-0034","reference_id":"CVE-2020-0034","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-0034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3876","reference_id":"RHSA-2020:3876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3876"},{"reference_url":"https://usn.ubuntu.com/5637-1/","reference_id":"USN-5637-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5637-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038071?format=json","purl":"pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1"}],"aliases":["CVE-2020-0034"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s5h-zrax-hkcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62756?format=json","vulnerability_id":"VCID-8vka-qus2-tbhj","summary":"Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2447","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03974","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03958","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03874","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03839","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03829","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0385","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03877","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03896","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03927","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03884","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03902","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03897","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05283","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0519","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05192","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05179","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05229","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05274","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05284","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05281","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283","reference_id":"1128283","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440219","reference_id":"2440219","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2440219"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-10","reference_id":"mfsa2026-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-10/","reference_id":"mfsa2026-10","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-11","reference_id":"mfsa2026-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-11/","reference_id":"mfsa2026-11","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-11/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16174","reference_id":"RHSA-2026:16174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3338","reference_id":"RHSA-2026:3338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3339","reference_id":"RHSA-2026:3339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3361","reference_id":"RHSA-2026:3361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3491","reference_id":"RHSA-2026:3491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3492","reference_id":"RHSA-2026:3492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3493","reference_id":"RHSA-2026:3493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3494","reference_id":"RHSA-2026:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3495","reference_id":"RHSA-2026:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3496","reference_id":"RHSA-2026:3496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3497","reference_id":"RHSA-2026:3497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3515","reference_id":"RHSA-2026:3515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3516","reference_id":"RHSA-2026:3516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3517","reference_id":"RHSA-2026:3517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3967","reference_id":"RHSA-2026:3967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3976","reference_id":"RHSA-2026:3976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3978","reference_id":"RHSA-2026:3978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3979","reference_id":"RHSA-2026:3979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3980","reference_id":"RHSA-2026:3980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3981","reference_id":"RHSA-2026:3981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3982","reference_id":"RHSA-2026:3982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3983","reference_id":"RHSA-2026:3983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3984","reference_id":"RHSA-2026:3984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4022","reference_id":"RHSA-2026:4022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4152","reference_id":"RHSA-2026:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4260","reference_id":"RHSA-2026:4260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4432","reference_id":"RHSA-2026:4432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4447","reference_id":"RHSA-2026:4447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4629","reference_id":"RHSA-2026:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5227","reference_id":"RHSA-2026:5227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5228","reference_id":"RHSA-2026:5228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5229","reference_id":"RHSA-2026:5229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5230","reference_id":"RHSA-2026:5230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5231","reference_id":"RHSA-2026:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5319","reference_id":"RHSA-2026:5319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5320","reference_id":"RHSA-2026:5320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5323","reference_id":"RHSA-2026:5323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5324","reference_id":"RHSA-2026:5324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5326","reference_id":"RHSA-2026:5326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8746","reference_id":"RHSA-2026:8746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8747","reference_id":"RHSA-2026:8747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8748","reference_id":"RHSA-2026:8748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8748"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014390","reference_id":"show_bug.cgi?id=2014390","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2014390"},{"reference_url":"https://usn.ubuntu.com/8053-1/","reference_id":"USN-8053-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8053-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050326?format=json","purl":"pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4"}],"aliases":["CVE-2026-2447"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8vka-qus2-tbhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56158?format=json","vulnerability_id":"VCID-98mt-7srw-qfh4","summary":"A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5283","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50726","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50744","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50693","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50701","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50657","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.5058","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50633","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50662","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50616","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50648","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50681","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50707","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50663","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50718","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50714","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50756","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50733","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50758","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50764","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689","reference_id":"1106689","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368749","reference_id":"2368749","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368749"},{"reference_url":"https://issues.chromium.org/issues/419467315","reference_id":"419467315","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/"}],"url":"https://issues.chromium.org/issues/419467315"},{"reference_url":"https://security.gentoo.org/glsa/202509-07","reference_id":"GLSA-202509-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-43","reference_id":"mfsa2025-43","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-43"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8293","reference_id":"RHSA-2025:8293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8308","reference_id":"RHSA-2025:8308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8341","reference_id":"RHSA-2025:8341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8598","reference_id":"RHSA-2025:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8599","reference_id":"RHSA-2025:8599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8607","reference_id":"RHSA-2025:8607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8608","reference_id":"RHSA-2025:8608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8628","reference_id":"RHSA-2025:8628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8629","reference_id":"RHSA-2025:8629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8630","reference_id":"RHSA-2025:8630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8631","reference_id":"RHSA-2025:8631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8642","reference_id":"RHSA-2025:8642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8756","reference_id":"RHSA-2025:8756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9071","reference_id":"RHSA-2025:9071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9072","reference_id":"RHSA-2025:9072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9073","reference_id":"RHSA-2025:9073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9074","reference_id":"RHSA-2025:9074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9075","reference_id":"RHSA-2025:9075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9076","reference_id":"RHSA-2025:9076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9077","reference_id":"RHSA-2025:9077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9118","reference_id":"RHSA-2025:9118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9119","reference_id":"RHSA-2025:9119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9120","reference_id":"RHSA-2025:9120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9122","reference_id":"RHSA-2025:9122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9123","reference_id":"RHSA-2025:9123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9124","reference_id":"RHSA-2025:9124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9125","reference_id":"RHSA-2025:9125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9126","reference_id":"RHSA-2025:9126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9127","reference_id":"RHSA-2025:9127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9128","reference_id":"RHSA-2025:9128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9155","reference_id":"RHSA-2025:9155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9331","reference_id":"RHSA-2025:9331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9331"},{"reference_url":"https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html","reference_id":"stable-channel-update-for-desktop_27.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/"}],"url":"https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html"},{"reference_url":"https://usn.ubuntu.com/7551-1/","reference_id":"USN-7551-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7551-1/"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050326?format=json","purl":"pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4"}],"aliases":["CVE-2025-5283"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-98mt-7srw-qfh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47986?format=json","vulnerability_id":"VCID-djwx-su1m-57h4","summary":"Multiple vulnerabilities have been found in libvpx, the worst of\n    which could result in the execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9433.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9433.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9433","reference_id":"","reference_type":"","scores":[{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92385","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92498","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92467","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92471","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92478","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92392","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92399","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92403","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92415","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92419","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92425","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92427","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92436","published_at":"2026-04-18T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92439","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92442","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92437","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92447","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92458","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9433"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"},{"reference_url":"https://seclists.org/bugtraq/2019/Nov/43","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Nov/43"},{"reference_url":"https://source.android.com/security/bulletin/android-10","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/android-10"},{"reference_url":"https://www.debian.org/security/2019/dsa-4578","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4578"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/25/17","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/25/17"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/27/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/27/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/07/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/11/07/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788994","reference_id":"1788994","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788994"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9433","reference_id":"CVE-2019-9433","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9433"},{"reference_url":"https://security.gentoo.org/glsa/202003-59","reference_id":"GLSA-202003-59","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-59"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3876","reference_id":"RHSA-2020:3876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4629","reference_id":"RHSA-2020:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4629"},{"reference_url":"https://usn.ubuntu.com/4199-1/","reference_id":"USN-4199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-1/"},{"reference_url":"https://usn.ubuntu.com/4199-2/","reference_id":"USN-4199-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038071?format=json","purl":"pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2019-9433"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-djwx-su1m-57h4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19209?format=json","vulnerability_id":"VCID-f81v-9fv8-93cd","summary":"Out-of-bounds Write\nHeap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5217","reference_id":"","reference_type":"","scores":[{"value":"0.03573","scoring_system":"epss","scoring_elements":"0.87744","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03573","scoring_system":"epss","scoring_elements":"0.87745","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03573","scoring_system":"epss","scoring_elements":"0.87722","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03573","scoring_system":"epss","scoring_elements":"0.87728","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03573","scoring_system":"epss","scoring_elements":"0.8774","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03573","scoring_system":"epss","scoring_elements":"0.87731","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03573","scoring_system":"epss","scoring_elements":"0.87733","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04175","scoring_system":"epss","scoring_elements":"0.88728","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04175","scoring_system":"epss","scoring_elements":"0.88723","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04175","scoring_system":"epss","scoring_elements":"0.88764","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04175","scoring_system":"epss","scoring_elements":"0.88766","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04175","scoring_system":"epss","scoring_elements":"0.88754","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04175","scoring_system":"epss","scoring_elements":"0.88738","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04175","scoring_system":"epss","scoring_elements":"0.88729","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04175","scoring_system":"epss","scoring_elements":"0.88708","published_at":"2026-04-21T12:55:00Z"},{"value":"0.049","scoring_system":"epss","scoring_elements":"0.89576","published_at":"2026-04-07T12:55:00Z"},{"value":"0.049","scoring_system":"epss","scoring_elements":"0.89562","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05383","scoring_system":"epss","scoring_elements":"0.90182","published_at":"2026-05-12T12:55:00Z"},{"value":"0.05383","scoring_system":"epss","scoring_elements":"0.90196","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5217"},{"reference_url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software"},{"reference_url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241191","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241191"},{"reference_url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html"},{"reference_url":"https://crbug.com/1486441","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://crbug.com/1486441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/12","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/12"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/16","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/16"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/electron/electron","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron"},{"reference_url":"https://github.com/electron/electron/pull/40022","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40022"},{"reference_url":"https://github.com/electron/electron/pull/40023","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40023"},{"reference_url":"https://github.com/electron/electron/pull/40024","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40024"},{"reference_url":"https://github.com/electron/electron/pull/40025","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40025"},{"reference_url":"https://github.com/electron/electron/pull/40026","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/40026"},{"reference_url":"https://github.com/electron/electron/releases/tag/v22.3.25","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v22.3.25"},{"reference_url":"https://github.com/electron/electron/releases/tag/v24.8.5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v24.8.5"},{"reference_url":"https://github.com/electron/electron/releases/tag/v25.8.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v25.8.4"},{"reference_url":"https://github.com/electron/electron/releases/tag/v26.2.4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v26.2.4"},{"reference_url":"https://github.com/electron/electron/releases/tag/v27.0.0-beta.8","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/releases/tag/v27.0.0-beta.8"},{"reference_url":"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590"},{"reference_url":"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282"},{"reference_url":"https://github.com/webmproject/libvpx/releases/tag/v1.13.1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/releases/tag/v1.13.1"},{"reference_url":"https://github.com/webmproject/libvpx/tags","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://github.com/webmproject/libvpx/tags"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"},{"reference_url":"https://pastebin.com/TdkC4pDv","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://pastebin.com/TdkC4pDv"},{"reference_url":"https://security.gentoo.org/glsa/202310-04","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security.gentoo.org/glsa/202310-04"},{"reference_url":"https://security.gentoo.org/glsa/202401-34","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security.gentoo.org/glsa/202401-34"},{"reference_url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217"},{"reference_url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/"},{"reference_url":"https://support.apple.com/kb/HT213961","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://support.apple.com/kb/HT213961"},{"reference_url":"https://support.apple.com/kb/HT213972","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://support.apple.com/kb/HT213972"},{"reference_url":"https://twitter.com/maddiestone/status/1707163313711497266","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://twitter.com/maddiestone/status/1707163313711497266"},{"reference_url":"https://www.debian.org/security/2023/dsa-5508","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5508"},{"reference_url":"https://www.debian.org/security/2023/dsa-5509","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5509"},{"reference_url":"https://www.debian.org/security/2023/dsa-5510","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.debian.org/security/2023/dsa-5510"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"critical","scoring_system":"generic_textual","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/09/28/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/09/28/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/11","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/12","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/12"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/14","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/14"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/29/9","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/29/9"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/30/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/30/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/01/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/01/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/02/6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/02/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/03/11","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/03/11"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182","reference_id":"1053182","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/","reference_id":"AY642Z6JZODQJE7Z62CFREVUHEGCXGPD","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5217","reference_id":"CVE-2023-5217","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5217"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2023-5217","reference_id":"CVE-2023-5217","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2023-5217"},{"reference_url":"https://github.com/advisories/GHSA-qqvq-6xgj-jw8g","reference_id":"GHSA-qqvq-6xgj-jw8g","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qqvq-6xgj-jw8g"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5426","reference_id":"RHSA-2023:5426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5427","reference_id":"RHSA-2023:5427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5428","reference_id":"RHSA-2023:5428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5429","reference_id":"RHSA-2023:5429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5430","reference_id":"RHSA-2023:5430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5432","reference_id":"RHSA-2023:5432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5433","reference_id":"RHSA-2023:5433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5434","reference_id":"RHSA-2023:5434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5435","reference_id":"RHSA-2023:5435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5436","reference_id":"RHSA-2023:5436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5437","reference_id":"RHSA-2023:5437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5438","reference_id":"RHSA-2023:5438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5439","reference_id":"RHSA-2023:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5440","reference_id":"RHSA-2023:5440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5475","reference_id":"RHSA-2023:5475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5477","reference_id":"RHSA-2023:5477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5534","reference_id":"RHSA-2023:5534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5535","reference_id":"RHSA-2023:5535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5536","reference_id":"RHSA-2023:5536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5537","reference_id":"RHSA-2023:5537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5538","reference_id":"RHSA-2023:5538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5539","reference_id":"RHSA-2023:5539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5539"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5540","reference_id":"RHSA-2023:5540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5540"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/","reference_id":"TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"},{"reference_url":"https://usn.ubuntu.com/6403-1/","reference_id":"USN-6403-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-1/"},{"reference_url":"https://usn.ubuntu.com/6403-2/","reference_id":"USN-6403-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-2/"},{"reference_url":"https://usn.ubuntu.com/6403-3/","reference_id":"USN-6403-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-3/"},{"reference_url":"https://usn.ubuntu.com/6404-1/","reference_id":"USN-6404-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6404-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"},{"reference_url":"https://usn.ubuntu.com/7172-1/","reference_id":"USN-7172-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7172-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2023-5217","GHSA-qqvq-6xgj-jw8g"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f81v-9fv8-93cd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68142?format=json","vulnerability_id":"VCID-hhsp-7swr-qybd","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13194.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13194.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13194","reference_id":"","reference_type":"","scores":[{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79307","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79314","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79337","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79323","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79349","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79358","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79381","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79366","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79356","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79382","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79378","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79379","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79412","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79417","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79432","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79441","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79462","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79479","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79497","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79535","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13194"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13194","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13194"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535183","reference_id":"1535183","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535183"},{"reference_url":"https://usn.ubuntu.com/4199-1/","reference_id":"USN-4199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-1/"},{"reference_url":"https://usn.ubuntu.com/4199-2/","reference_id":"USN-4199-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038071?format=json","purl":"pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1"}],"aliases":["CVE-2017-13194"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhsp-7swr-qybd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75512?format=json","vulnerability_id":"VCID-kuxu-ty5p-8qbf","summary":"libvpx: Heap buffer overflow related to VP9 encoding","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6349.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6349.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6349","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23348","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23124","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23064","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23028","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23045","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23388","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23176","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.2325","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.233","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23321","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23283","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23226","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23242","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23235","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23215","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23022","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23015","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23011","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22904","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22989","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6349"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://crbug.com/webm/1642","reference_id":"1642","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N/S:N/AU:N/R:A/V:D"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:01:21Z/"}],"url":"https://crbug.com/webm/1642"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283553","reference_id":"2283553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2283553"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5941","reference_id":"RHSA-2024:5941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4128","reference_id":"RHSA-2026:4128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4128"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2023-6349"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kuxu-ty5p-8qbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59348?format=json","vulnerability_id":"VCID-mcab-z6qn-gkds","summary":"Multiple vulnerabilities have been discovered in libvpx, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44488.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44488.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44488","reference_id":"","reference_type":"","scores":[{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80941","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80769","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80753","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80745","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80782","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80783","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80784","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80807","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80812","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80826","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80843","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80865","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80886","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.8088","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80899","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80744","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01446","scoring_system":"epss","scoring_elements":"0.80752","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.80975","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.80997","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.80999","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44488"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44488","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44488"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241806","reference_id":"2241806","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241806"},{"reference_url":"https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f","reference_id":"263682c9a29395055f3b3afe2d97be1828a6223f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/"}],"url":"https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f"},{"reference_url":"https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937","reference_id":"df9fd9d5b7325060b2b921558a1eb20ca7880937","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/"}],"url":"https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937"},{"reference_url":"https://www.debian.org/security/2023/dsa-5518","reference_id":"dsa-5518","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/"}],"url":"https://www.debian.org/security/2023/dsa-5518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5534","reference_id":"RHSA-2023:5534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5535","reference_id":"RHSA-2023:5535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5536","reference_id":"RHSA-2023:5536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5537","reference_id":"RHSA-2023:5537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5538","reference_id":"RHSA-2023:5538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5539","reference_id":"RHSA-2023:5539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5539"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5540","reference_id":"RHSA-2023:5540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6162","reference_id":"RHSA-2023:6162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6185","reference_id":"RHSA-2023:6185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6186","reference_id":"RHSA-2023:6186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6187","reference_id":"RHSA-2023:6187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6188","reference_id":"RHSA-2023:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6189","reference_id":"RHSA-2023:6189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6190","reference_id":"RHSA-2023:6190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6191","reference_id":"RHSA-2023:6191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6191"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6192","reference_id":"RHSA-2023:6192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6194","reference_id":"RHSA-2023:6194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6195","reference_id":"RHSA-2023:6195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6196","reference_id":"RHSA-2023:6196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6197","reference_id":"RHSA-2023:6197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6198","reference_id":"RHSA-2023:6198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6199","reference_id":"RHSA-2023:6199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6199"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/","reference_id":"TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"},{"reference_url":"https://usn.ubuntu.com/6403-1/","reference_id":"USN-6403-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-1/"},{"reference_url":"https://usn.ubuntu.com/6403-2/","reference_id":"USN-6403-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-2/"},{"reference_url":"https://usn.ubuntu.com/6403-3/","reference_id":"USN-6403-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6403-3/"},{"reference_url":"https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1","reference_id":"v1.13.0...v1.13.1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/"}],"url":"https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2023-44488"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mcab-z6qn-gkds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47984?format=json","vulnerability_id":"VCID-txwy-bkhg-9qfv","summary":"Multiple vulnerabilities have been found in libvpx, the worst of\n    which could result in the execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9325.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9325.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9325","reference_id":"","reference_type":"","scores":[{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92528","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92642","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.9261","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92613","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92618","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92533","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.9254","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92543","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92554","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92559","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92565","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92566","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92576","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92578","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92581","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92588","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.926","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"},{"reference_url":"https://seclists.org/bugtraq/2019/Nov/43","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Nov/43"},{"reference_url":"https://source.android.com/security/bulletin/android-10","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/android-10"},{"reference_url":"https://www.debian.org/security/2019/dsa-4578","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4578"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/25/17","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/25/17"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/27/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/27/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/07/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/11/07/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1789002","reference_id":"1789002","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1789002"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9325","reference_id":"CVE-2019-9325","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9325"},{"reference_url":"https://security.gentoo.org/glsa/202003-59","reference_id":"GLSA-202003-59","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-59"},{"reference_url":"https://usn.ubuntu.com/4199-1/","reference_id":"USN-4199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1038071?format=json","purl":"pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2019-9325"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txwy-bkhg-9qfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47985?format=json","vulnerability_id":"VCID-ut2r-gvwc-4ydu","summary":"Multiple vulnerabilities have been found in libvpx, the worst of\n    which could result in the execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9371.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9371.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9371","reference_id":"","reference_type":"","scores":[{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95088","published_at":"2026-04-01T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95188","published_at":"2026-05-14T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95165","published_at":"2026-05-09T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.9517","published_at":"2026-05-11T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95176","published_at":"2026-05-12T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95099","published_at":"2026-04-02T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.951","published_at":"2026-04-04T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95109","published_at":"2026-04-08T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95112","published_at":"2026-04-09T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95118","published_at":"2026-04-11T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.9512","published_at":"2026-04-12T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95123","published_at":"2026-04-13T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.9513","published_at":"2026-04-16T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95134","published_at":"2026-04-18T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95136","published_at":"2026-04-24T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95137","published_at":"2026-04-26T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95138","published_at":"2026-04-29T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.9515","published_at":"2026-05-05T12:55:00Z"},{"value":"0.17758","scoring_system":"epss","scoring_elements":"0.95156","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9371"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9371","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9371"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"},{"reference_url":"https://seclists.org/bugtraq/2019/Nov/43","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Nov/43"},{"reference_url":"https://source.android.com/security/bulletin/android-10","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/android-10"},{"reference_url":"https://www.debian.org/security/2019/dsa-4578","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4578"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/25/17","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/25/17"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/27/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/27/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/07/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/11/07/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1789004","reference_id":"1789004","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1789004"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9371","reference_id":"CVE-2019-9371","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9371"},{"reference_url":"https://security.gentoo.org/glsa/202003-59","reference_id":"GLSA-202003-59","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-59"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4629","reference_id":"RHSA-2020:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4629"},{"reference_url":"https://usn.ubuntu.com/4199-1/","reference_id":"USN-4199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2019-9371"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ut2r-gvwc-4ydu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75394?format=json","vulnerability_id":"VCID-veqq-773w-1ba9","summary":"libvpx: Integer overflow in vpx_img_alloc()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5197.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5197.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5197","reference_id":"","reference_type":"","scores":[{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55484","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55499","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55473","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55423","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55469","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55526","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.5551","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55534","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55511","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55562","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55563","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55572","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55552","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55535","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55575","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55554","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55479","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5197"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2291198","reference_id":"2291198","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2291198"},{"reference_url":"https://g-issues.chromium.org/issues/332382766","reference_id":"332382766","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T17:27:56Z/"}],"url":"https://g-issues.chromium.org/issues/332382766"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T17:27:56Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5941","reference_id":"RHSA-2024:5941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9827","reference_id":"RHSA-2024:9827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14138","reference_id":"RHSA-2025:14138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14139","reference_id":"RHSA-2025:14139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14140","reference_id":"RHSA-2025:14140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14140"},{"reference_url":"https://usn.ubuntu.com/6814-1/","reference_id":"USN-6814-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6814-1/"},{"reference_url":"https://usn.ubuntu.com/7249-1/","reference_id":"USN-7249-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7249-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2024-5197"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-veqq-773w-1ba9"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47983?format=json","vulnerability_id":"VCID-59n6-fj5x-33gn","summary":"Multiple vulnerabilities have been found in libvpx, the worst of\n    which could result in the execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9232.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9232.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9232","reference_id":"","reference_type":"","scores":[{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92699","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92819","published_at":"2026-05-14T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92783","published_at":"2026-05-09T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92788","published_at":"2026-05-11T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92794","published_at":"2026-05-12T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92706","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92711","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92721","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92726","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92731","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.9273","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92742","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92747","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92754","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92749","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92758","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09266","scoring_system":"epss","scoring_elements":"0.92771","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"},{"reference_url":"https://seclists.org/bugtraq/2019/Nov/43","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Nov/43"},{"reference_url":"https://source.android.com/security/bulletin/android-10","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/android-10"},{"reference_url":"https://www.debian.org/security/2019/dsa-4578","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4578"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/25/17","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/25/17"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/27/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/27/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/07/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/11/07/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788966","reference_id":"1788966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788966"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9232","reference_id":"CVE-2019-9232","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9232"},{"reference_url":"https://security.gentoo.org/glsa/202003-59","reference_id":"GLSA-202003-59","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-59"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3876","reference_id":"RHSA-2020:3876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4629","reference_id":"RHSA-2020:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4629"},{"reference_url":"https://usn.ubuntu.com/4199-1/","reference_id":"USN-4199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-1/"},{"reference_url":"https://usn.ubuntu.com/4199-2/","reference_id":"USN-4199-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037261?format=json","purl":"pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-7s5h-zrax-hkcv"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-hhsp-7swr-qybd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1038071?format=json","purl":"pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2019-9232"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-59n6-fj5x-33gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47986?format=json","vulnerability_id":"VCID-djwx-su1m-57h4","summary":"Multiple vulnerabilities have been found in libvpx, the worst of\n    which could result in the execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9433.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9433.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9433","reference_id":"","reference_type":"","scores":[{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92385","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92498","published_at":"2026-05-14T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92467","published_at":"2026-05-09T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92471","published_at":"2026-05-11T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92478","published_at":"2026-05-12T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92392","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92399","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92403","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92415","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92419","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92425","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92427","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92436","published_at":"2026-04-18T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92439","published_at":"2026-04-21T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92442","published_at":"2026-04-26T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92437","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92447","published_at":"2026-05-05T12:55:00Z"},{"value":"0.08604","scoring_system":"epss","scoring_elements":"0.92458","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9433"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"},{"reference_url":"https://seclists.org/bugtraq/2019/Nov/43","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Nov/43"},{"reference_url":"https://source.android.com/security/bulletin/android-10","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/android-10"},{"reference_url":"https://www.debian.org/security/2019/dsa-4578","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4578"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/25/17","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/25/17"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/27/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/27/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/07/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/11/07/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788994","reference_id":"1788994","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788994"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9433","reference_id":"CVE-2019-9433","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9433"},{"reference_url":"https://security.gentoo.org/glsa/202003-59","reference_id":"GLSA-202003-59","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-59"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3876","reference_id":"RHSA-2020:3876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4629","reference_id":"RHSA-2020:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4629"},{"reference_url":"https://usn.ubuntu.com/4199-1/","reference_id":"USN-4199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-1/"},{"reference_url":"https://usn.ubuntu.com/4199-2/","reference_id":"USN-4199-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037261?format=json","purl":"pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-7s5h-zrax-hkcv"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-hhsp-7swr-qybd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1038071?format=json","purl":"pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2019-9433"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-djwx-su1m-57h4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68142?format=json","vulnerability_id":"VCID-hhsp-7swr-qybd","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13194.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13194.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13194","reference_id":"","reference_type":"","scores":[{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79307","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79314","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79337","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79323","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79349","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79358","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79381","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79366","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79356","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79382","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79378","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79379","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79412","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79417","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79432","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79441","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79462","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79479","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79497","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01253","scoring_system":"epss","scoring_elements":"0.79535","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13194"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13194","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13194"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535183","reference_id":"1535183","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535183"},{"reference_url":"https://usn.ubuntu.com/4199-1/","reference_id":"USN-4199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-1/"},{"reference_url":"https://usn.ubuntu.com/4199-2/","reference_id":"USN-4199-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036426?format=json","purl":"pkg:deb/debian/libvpx@1.3.0-3%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-5bx8-w9sb-1bbs"},{"vulnerability":"VCID-5n7c-tqzz-nfha"},{"vulnerability":"VCID-7s5h-zrax-hkcv"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-hhsp-7swr-qybd"},{"vulnerability":"VCID-hkfy-wbqn-sba8"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-nw6w-7x8f-x7fw"},{"vulnerability":"VCID-qcyp-en6e-vya2"},{"vulnerability":"VCID-qjuf-f8ec-byc7"},{"vulnerability":"VCID-s76d-pjvk-63cr"},{"vulnerability":"VCID-tbkw-k4a7-43fp"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"},{"vulnerability":"VCID-wg9d-bt6y-6yfd"},{"vulnerability":"VCID-yhw4-v629-jye8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.3.0-3%252Bdeb8u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1037261?format=json","purl":"pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-7s5h-zrax-hkcv"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-hhsp-7swr-qybd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1038071?format=json","purl":"pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1"}],"aliases":["CVE-2017-13194"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhsp-7swr-qybd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47984?format=json","vulnerability_id":"VCID-txwy-bkhg-9qfv","summary":"Multiple vulnerabilities have been found in libvpx, the worst of\n    which could result in the execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9325.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9325.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9325","reference_id":"","reference_type":"","scores":[{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92528","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92642","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.9261","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92613","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92618","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92533","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.9254","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92543","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92554","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92559","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92565","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92566","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92576","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92578","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92581","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.92588","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0889","scoring_system":"epss","scoring_elements":"0.926","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"},{"reference_url":"https://seclists.org/bugtraq/2019/Nov/43","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Nov/43"},{"reference_url":"https://source.android.com/security/bulletin/android-10","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/android-10"},{"reference_url":"https://www.debian.org/security/2019/dsa-4578","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4578"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/25/17","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/25/17"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/10/27/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/10/27/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/07/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/11/07/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1789002","reference_id":"1789002","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1789002"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9325","reference_id":"CVE-2019-9325","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9325"},{"reference_url":"https://security.gentoo.org/glsa/202003-59","reference_id":"GLSA-202003-59","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-59"},{"reference_url":"https://usn.ubuntu.com/4199-1/","reference_id":"USN-4199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4199-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037261?format=json","purl":"pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-7s5h-zrax-hkcv"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-hhsp-7swr-qybd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1038071?format=json","purl":"pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-59n6-fj5x-33gn"},{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"},{"vulnerability":"VCID-djwx-su1m-57h4"},{"vulnerability":"VCID-f81v-9fv8-93cd"},{"vulnerability":"VCID-kuxu-ty5p-8qbf"},{"vulnerability":"VCID-mcab-z6qn-gkds"},{"vulnerability":"VCID-txwy-bkhg-9qfv"},{"vulnerability":"VCID-ut2r-gvwc-4ydu"},{"vulnerability":"VCID-veqq-773w-1ba9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049205?format=json","purl":"pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8vka-qus2-tbhj"},{"vulnerability":"VCID-98mt-7srw-qfh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3"}],"aliases":["CVE-2019-9325"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txwy-bkhg-9qfv"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2"}