{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","type":"deb","namespace":"debian","name":"python2.7","version":"2.7.9-2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.7.18-8+deb11u1","latest_non_vulnerable_version":"2.7.18-8+deb11u1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82500?format=json","vulnerability_id":"VCID-1taa-a9e4-tbc5","summary":"python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10160.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10160.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10160","reference_id":"","reference_type":"","scores":[{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79716","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79723","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79745","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.7973","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79759","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79766","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79788","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01763","scoring_system":"epss","scoring_elements":"0.82614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01763","scoring_system":"epss","scoring_elements":"0.82619","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10160"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1718388","reference_id":"1718388","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1718388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1587","reference_id":"RHSA-2019:1587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1700","reference_id":"RHSA-2019:1700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2437","reference_id":"RHSA-2019:2437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2437"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-10160"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1taa-a9e4-tbc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78162?format=json","vulnerability_id":"VCID-2czu-wy37-qugf","summary":"python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48566.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48566","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2714","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26984","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26968","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27036","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27081","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27085","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2704","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27176","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48566"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238753","reference_id":"2238753","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238753"},{"reference_url":"https://bugs.python.org/issue40791","reference_id":"issue40791","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/"}],"url":"https://bugs.python.org/issue40791"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231006-0013/","reference_id":"ntap-20231006-0013","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231006-0013/"},{"reference_url":"https://usn.ubuntu.com/6400-1/","reference_id":"USN-6400-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6400-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2022-48566"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2czu-wy37-qugf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42640?format=json","vulnerability_id":"VCID-2shb-2cvn-dyd2","summary":"Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24329.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24329.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24329","reference_id":"","reference_type":"","scores":[{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.80742","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.8075","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.81602","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.81581","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.81653","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.81633","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.81627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.816","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/102153","reference_id":"102153","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://github.com/python/cpython/issues/102153"},{"reference_url":"https://www.kb.cert.org/vuls/id/127587","reference_id":"127587","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://www.kb.cert.org/vuls/id/127587"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2173917","reference_id":"2173917","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2173917"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/","reference_id":"6PEVICI7YNGGMSL3UCMWGE66QFLATH72","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/"},{"reference_url":"https://github.com/python/cpython/pull/99421","reference_id":"99421","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://github.com/python/cpython/pull/99421"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/","reference_id":"DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/","reference_id":"EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/","reference_id":"F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/"},{"reference_url":"https://security.gentoo.org/glsa/202405-01","reference_id":"GLSA-202405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-01"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/","reference_id":"GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/","reference_id":"H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/","reference_id":"JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/","reference_id":"LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/","reference_id":"MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230324-0004/","reference_id":"ntap-20230324-0004","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230324-0004/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/","reference_id":"O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/","reference_id":"OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/","reference_id":"PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/","reference_id":"PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/"},{"reference_url":"https://pointernull.com/security/python-url-parse-problem.html","reference_id":"python-url-parse-problem.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://pointernull.com/security/python-url-parse-problem.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/","reference_id":"Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/","reference_id":"QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/","reference_id":"RA2MBEEES6L46OD64OBSVUUMGKNGMOWW","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3550","reference_id":"RHSA-2023:3550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3555","reference_id":"RHSA-2023:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3556","reference_id":"RHSA-2023:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3585","reference_id":"RHSA-2023:3585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3591","reference_id":"RHSA-2023:3591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3594","reference_id":"RHSA-2023:3594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3595","reference_id":"RHSA-2023:3595","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3776","reference_id":"RHSA-2023:3776","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3776"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3777","reference_id":"RHSA-2023:3777","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3777"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3780","reference_id":"RHSA-2023:3780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3781","reference_id":"RHSA-2023:3781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3796","reference_id":"RHSA-2023:3796","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3810","reference_id":"RHSA-2023:3810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3811","reference_id":"RHSA-2023:3811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3931","reference_id":"RHSA-2023:3931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3932","reference_id":"RHSA-2023:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3934","reference_id":"RHSA-2023:3934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3935","reference_id":"RHSA-2023:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3936","reference_id":"RHSA-2023:3936","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4004","reference_id":"RHSA-2023:4004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4008","reference_id":"RHSA-2023:4008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4032","reference_id":"RHSA-2023:4032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4038","reference_id":"RHSA-2023:4038","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4203","reference_id":"RHSA-2023:4203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4282","reference_id":"RHSA-2023:4282","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6793","reference_id":"RHSA-2023:6793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6793"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/","reference_id":"T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/","reference_id":"TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/","reference_id":"U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/","reference_id":"UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/"},{"reference_url":"https://usn.ubuntu.com/5888-1/","reference_id":"USN-5888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5888-1/"},{"reference_url":"https://usn.ubuntu.com/5960-1/","reference_id":"USN-5960-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5960-1/"},{"reference_url":"https://usn.ubuntu.com/6139-1/","reference_id":"USN-6139-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6139-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/","reference_id":"WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2023-24329"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2shb-2cvn-dyd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86043?format=json","vulnerability_id":"VCID-3mu8-g6x3-effb","summary":"python: http protocol steam injection attack","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5699.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5699.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5699","reference_id":"","reference_type":"","scores":[{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97014","published_at":"2026-04-01T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97021","published_at":"2026-04-02T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97025","published_at":"2026-04-07T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97035","published_at":"2026-04-08T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97036","published_at":"2026-04-09T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97039","published_at":"2026-04-12T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.9704","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1303699","reference_id":"1303699","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1303699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1626","reference_id":"RHSA-2016:1626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1627","reference_id":"RHSA-2016:1627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1628","reference_id":"RHSA-2016:1628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1629","reference_id":"RHSA-2016:1629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1630","reference_id":"RHSA-2016:1630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1630"},{"reference_url":"https://usn.ubuntu.com/3134-1/","reference_id":"USN-3134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037389?format=json","purl":"pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3"}],"aliases":["CVE-2016-5699"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3mu8-g6x3-effb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63531?format=json","vulnerability_id":"VCID-4py6-hkzp-v3d4","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/errata/RHBA-2019:0327","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHBA-2019:0327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3505","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1260","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1260"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1060.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1060.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1060","reference_id":"","reference_type":"","scores":[{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76425","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76458","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.7644","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76472","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76486","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76512","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76491","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.7643","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01049","scoring_system":"epss","scoring_elements":"0.77527","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1060"},{"reference_url":"https://bugs.python.org/issue32981","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue32981"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1060","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1060"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647"},{"reference_url":"https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1","reference_id":"","reference_type":"","scores":[],"url":"https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1"},{"reference_url":"https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1","reference_id":"","reference_type":"","scores":[],"url":"https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4306","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4306"},{"reference_url":"https://www.debian.org/security/2018/dsa-4307","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4307"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"http://www.securitytracker.com/id/1042001","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1042001"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549191","reference_id":"1549191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549191"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1060","reference_id":"CVE-2018-1060","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3041","reference_id":"RHSA-2018:3041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1268","reference_id":"RHSA-2020:1268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1346","reference_id":"RHSA-2020:1346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1346"},{"reference_url":"https://usn.ubuntu.com/3817-1/","reference_id":"USN-3817-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3817-1/"},{"reference_url":"https://usn.ubuntu.com/3817-2/","reference_id":"USN-3817-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3817-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037389?format=json","purl":"pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1050685?format=json","purl":"pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1"}],"aliases":["CVE-2018-1060"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4py6-hkzp-v3d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78163?format=json","vulnerability_id":"VCID-4q79-666d-rygx","summary":"python: XML External Entity in XML processing plistlib module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48565.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48565.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48565","reference_id":"","reference_type":"","scores":[{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91625","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.9166","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91631","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91639","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91651","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91657","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91661","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91663","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240059","reference_id":"2240059","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240059"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/","reference_id":"AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/","reference_id":"BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/"},{"reference_url":"https://bugs.python.org/issue42051","reference_id":"issue42051","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://bugs.python.org/issue42051"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/","reference_id":"KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231006-0007/","reference_id":"ntap-20231006-0007","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231006-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2987","reference_id":"RHSA-2024:2987","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2987"},{"reference_url":"https://usn.ubuntu.com/6354-1/","reference_id":"USN-6354-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6354-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2022-48565"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4q79-666d-rygx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42641?format=json","vulnerability_id":"VCID-4z89-3tfk-pyge","summary":"Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40217.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40217","reference_id":"","reference_type":"","scores":[{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68909","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68929","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68952","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68938","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00597","scoring_system":"epss","scoring_elements":"0.69371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00597","scoring_system":"epss","scoring_elements":"0.69324","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00597","scoring_system":"epss","scoring_elements":"0.69341","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00597","scoring_system":"epss","scoring_elements":"0.69321","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235789","reference_id":"2235789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235789"},{"reference_url":"https://security.gentoo.org/glsa/202405-01","reference_id":"GLSA-202405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231006-0014/","reference_id":"ntap-20231006-0014","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231006-0014/"},{"reference_url":"https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/","reference_id":"PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/"}],"url":"https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5456","reference_id":"RHSA-2023:5456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5462","reference_id":"RHSA-2023:5462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5463","reference_id":"RHSA-2023:5463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5472","reference_id":"RHSA-2023:5472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5528","reference_id":"RHSA-2023:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5531","reference_id":"RHSA-2023:5531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5990","reference_id":"RHSA-2023:5990","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5990"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5991","reference_id":"RHSA-2023:5991","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5991"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5992","reference_id":"RHSA-2023:5992","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5992"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5993","reference_id":"RHSA-2023:5993","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5993"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5994","reference_id":"RHSA-2023:5994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5995","reference_id":"RHSA-2023:5995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5996","reference_id":"RHSA-2023:5996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5997","reference_id":"RHSA-2023:5997","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5997"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5998","reference_id":"RHSA-2023:5998","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5998"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6068","reference_id":"RHSA-2023:6068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6069","reference_id":"RHSA-2023:6069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6290","reference_id":"RHSA-2023:6290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6793","reference_id":"RHSA-2023:6793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6823","reference_id":"RHSA-2023:6823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6885","reference_id":"RHSA-2023:6885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6885"},{"reference_url":"https://www.python.org/dev/security/","reference_id":"security","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/"}],"url":"https://www.python.org/dev/security/"},{"reference_url":"https://usn.ubuntu.com/6513-1/","reference_id":"USN-6513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6513-1/"},{"reference_url":"https://usn.ubuntu.com/6513-2/","reference_id":"USN-6513-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6513-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2023-40217"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4z89-3tfk-pyge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82434?format=json","vulnerability_id":"VCID-57c6-hx7f-efc6","summary":"python: CRLF injection via the host part of the url passed to urlopen()","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18348.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18348.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18348","reference_id":"","reference_type":"","scores":[{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85746","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.8582","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85813","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85827","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85824","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85758","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85777","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85783","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85802","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18348"},{"reference_url":"https://bugs.python.org/issue30458#msg347282","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue30458#msg347282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18348"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191107-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191107-0004/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727276","reference_id":"1727276","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727276"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18348","reference_id":"CVE-2019-18348","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4273","reference_id":"RHSA-2020:4273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4285","reference_id":"RHSA-2020:4285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4285"},{"reference_url":"https://usn.ubuntu.com/4333-1/","reference_id":"USN-4333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4333-1/"},{"reference_url":"https://usn.ubuntu.com/4333-2/","reference_id":"USN-4333-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4333-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-18348"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-57c6-hx7f-efc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63533?format=json","vulnerability_id":"VCID-7jat-6ags-qbdr","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14647.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14647.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14647","reference_id":"","reference_type":"","scores":[{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81846","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81857","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81879","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81875","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81902","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81908","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81928","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81916","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01634","scoring_system":"epss","scoring_elements":"0.81911","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14647"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631822","reference_id":"1631822","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631822"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921039","reference_id":"921039","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2030","reference_id":"RHSA-2019:2030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1268","reference_id":"RHSA-2020:1268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1346","reference_id":"RHSA-2020:1346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1462","reference_id":"RHSA-2020:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1462"},{"reference_url":"https://usn.ubuntu.com/3817-1/","reference_id":"USN-3817-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3817-1/"},{"reference_url":"https://usn.ubuntu.com/3817-2/","reference_id":"USN-3817-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3817-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037389?format=json","purl":"pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1050685?format=json","purl":"pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1"}],"aliases":["CVE-2018-14647"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7jat-6ags-qbdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59776?format=json","vulnerability_id":"VCID-9mcr-rmtb-mufj","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html"},{"reference_url":"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1260","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3335","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3335"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9740.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9740.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9740","reference_id":"","reference_type":"","scores":[{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.92982","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93009","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93001","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93006","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.9301","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.9299","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.92994","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.92993","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9740"},{"reference_url":"https://bugs.python.org/issue36276","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue36276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/"},{"reference_url":"https://seclists.org/bugtraq/2019/Oct/29","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Oct/29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190619-0005/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190619-0005/"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/02/04/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2021/02/04/2"},{"reference_url":"http://www.securityfocus.com/bid/107466","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107466"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688169","reference_id":"1688169","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688169"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9740","reference_id":"CVE-2019-9740","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9740"},{"reference_url":"https://security.gentoo.org/glsa/202003-26","reference_id":"GLSA-202003-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2030","reference_id":"RHSA-2019:2030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3520","reference_id":"RHSA-2019:3520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1268","reference_id":"RHSA-2020:1268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1346","reference_id":"RHSA-2020:1346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1462","reference_id":"RHSA-2020:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1462"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-9740"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mcr-rmtb-mufj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51186?format=json","vulnerability_id":"VCID-c97c-3177-wkhx","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5636.json","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5636.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5636","reference_id":"","reference_type":"","scores":[{"value":"0.38587","scoring_system":"epss","scoring_elements":"0.97216","published_at":"2026-04-01T12:55:00Z"},{"value":"0.38587","scoring_system":"epss","scoring_elements":"0.97244","published_at":"2026-04-13T12:55:00Z"},{"value":"0.38587","scoring_system":"epss","scoring_elements":"0.97242","published_at":"2026-04-11T12:55:00Z"},{"value":"0.38587","scoring_system":"epss","scoring_elements":"0.97243","published_at":"2026-04-12T12:55:00Z"},{"value":"0.38587","scoring_system":"epss","scoring_elements":"0.97222","published_at":"2026-04-02T12:55:00Z"},{"value":"0.38587","scoring_system":"epss","scoring_elements":"0.97227","published_at":"2026-04-04T12:55:00Z"},{"value":"0.38587","scoring_system":"epss","scoring_elements":"0.97228","published_at":"2026-04-07T12:55:00Z"},{"value":"0.38587","scoring_system":"epss","scoring_elements":"0.97238","published_at":"2026-04-08T12:55:00Z"},{"value":"0.38587","scoring_system":"epss","scoring_elements":"0.97239","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5636"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5636","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5636"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1345856","reference_id":"1345856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1345856"},{"reference_url":"https://security.gentoo.org/glsa/201701-18","reference_id":"GLSA-201701-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2586","reference_id":"RHSA-2016:2586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2586"},{"reference_url":"https://usn.ubuntu.com/3134-1/","reference_id":"USN-3134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037389?format=json","purl":"pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3"}],"aliases":["CVE-2016-5636"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c97c-3177-wkhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50260?format=json","vulnerability_id":"VCID-dkxn-j9dr-sqbp","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3177.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3177.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3177","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2193","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21902","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21827","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21873","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21958","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21971","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22631","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22421","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22589","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1918168","reference_id":"1918168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1918168"},{"reference_url":"https://github.com/python/cpython/pull/24239","reference_id":"24239","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://github.com/python/cpython/pull/24239"},{"reference_url":"https://security.archlinux.org/ASA-202102-37","reference_id":"ASA-202102-37","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-37"},{"reference_url":"https://security.archlinux.org/AVG-1465","reference_id":"AVG-1465","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1465"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/","reference_id":"BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/","reference_id":"CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/"},{"reference_url":"https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html","reference_id":"ctypes-buffer-overflow-pycarg_repr.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/","reference_id":"FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/","reference_id":"FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/"},{"reference_url":"https://security.gentoo.org/glsa/202101-18","reference_id":"GLSA-202101-18","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://security.gentoo.org/glsa/202101-18"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/","reference_id":"HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/"},{"reference_url":"https://bugs.python.org/issue42938","reference_id":"issue42938","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://bugs.python.org/issue42938"},{"reference_url":"https://news.ycombinator.com/item?id=26185005","reference_id":"item?id=26185005","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://news.ycombinator.com/item?id=26185005"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/","reference_id":"MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/","reference_id":"MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html","reference_id":"msg00013.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/","reference_id":"NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/","reference_id":"NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210226-0003/","reference_id":"ntap-20210226-0003","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210226-0003/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/","reference_id":"NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1633","reference_id":"RHSA-2021:1633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1761","reference_id":"RHSA-2021:1761","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1761"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1879","reference_id":"RHSA-2021:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3252","reference_id":"RHSA-2021:3252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5235","reference_id":"RHSA-2022:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5235"},{"reference_url":"https://usn.ubuntu.com/4754-1/","reference_id":"USN-4754-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-1/"},{"reference_url":"https://usn.ubuntu.com/4754-3/","reference_id":"USN-4754-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-3/"},{"reference_url":"https://usn.ubuntu.com/4754-4/","reference_id":"USN-4754-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-4/"},{"reference_url":"https://usn.ubuntu.com/4754-5/","reference_id":"USN-4754-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-5/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/","reference_id":"V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/","reference_id":"Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/","reference_id":"YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/","reference_id":"Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2021-3177"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dkxn-j9dr-sqbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78165?format=json","vulnerability_id":"VCID-dv5v-71b5-budp","summary":"python: use after free in heappushpop() of heapq module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48560.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48560","reference_id":"","reference_type":"","scores":[{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42375","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42344","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42393","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.424","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42423","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42358","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249755","reference_id":"2249755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0114","reference_id":"RHSA-2024:0114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0430","reference_id":"RHSA-2024:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0586","reference_id":"RHSA-2024:0586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2987","reference_id":"RHSA-2024:2987","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2987"},{"reference_url":"https://usn.ubuntu.com/6394-1/","reference_id":"USN-6394-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6394-1/"},{"reference_url":"https://usn.ubuntu.com/6394-2/","reference_id":"USN-6394-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6394-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2022-48560"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dv5v-71b5-budp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56236?format=json","vulnerability_id":"VCID-gfzb-b7tt-fkgz","summary":"A buffer overflow in Python might allow remote attackers to cause a\n    Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000030.json","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000030.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000030","reference_id":"","reference_type":"","scores":[{"value":"0.01576","scoring_system":"epss","scoring_elements":"0.81483","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01576","scoring_system":"epss","scoring_elements":"0.81495","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01576","scoring_system":"epss","scoring_elements":"0.81517","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01576","scoring_system":"epss","scoring_elements":"0.81514","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01576","scoring_system":"epss","scoring_elements":"0.81542","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01576","scoring_system":"epss","scoring_elements":"0.81548","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01576","scoring_system":"epss","scoring_elements":"0.81568","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01576","scoring_system":"epss","scoring_elements":"0.81555","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000030"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000030","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000030"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1541558","reference_id":"1541558","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1541558"},{"reference_url":"https://security.gentoo.org/glsa/201811-02","reference_id":"GLSA-201811-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-02"},{"reference_url":"https://usn.ubuntu.com/3817-1/","reference_id":"USN-3817-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3817-1/"},{"reference_url":"https://usn.ubuntu.com/3817-2/","reference_id":"USN-3817-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3817-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050685?format=json","purl":"pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1"}],"aliases":["CVE-2018-1000030"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gfzb-b7tt-fkgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62534?format=json","vulnerability_id":"VCID-gkfp-ga1r-jkag","summary":"A vulnerability in Python could lead to a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8492.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8492.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8492","reference_id":"","reference_type":"","scores":[{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87628","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87617","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87624","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87635","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.8763","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87598","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0363","scoring_system":"epss","scoring_elements":"0.87785","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0363","scoring_system":"epss","scoring_elements":"0.87796","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0363","scoring_system":"epss","scoring_elements":"0.87774","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1809065","reference_id":"1809065","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1809065"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099","reference_id":"970099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099"},{"reference_url":"https://security.gentoo.org/glsa/202005-09","reference_id":"GLSA-202005-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3888","reference_id":"RHSA-2020:3888","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3888"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4285","reference_id":"RHSA-2020:4285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4433","reference_id":"RHSA-2020:4433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4641","reference_id":"RHSA-2020:4641","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4641"},{"reference_url":"https://usn.ubuntu.com/4333-1/","reference_id":"USN-4333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4333-1/"},{"reference_url":"https://usn.ubuntu.com/4333-2/","reference_id":"USN-4333-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4333-2/"},{"reference_url":"https://usn.ubuntu.com/4754-3/","reference_id":"USN-4754-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-3/"},{"reference_url":"https://usn.ubuntu.com/5200-1/","reference_id":"USN-5200-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5200-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2020-8492"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gkfp-ga1r-jkag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73081?format=json","vulnerability_id":"VCID-hcq4-yq9k-jygb","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000802.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000802.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000802","reference_id":"","reference_type":"","scores":[{"value":"0.22336","scoring_system":"epss","scoring_elements":"0.95817","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22336","scoring_system":"epss","scoring_elements":"0.95808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.22336","scoring_system":"epss","scoring_elements":"0.95812","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22336","scoring_system":"epss","scoring_elements":"0.95815","published_at":"2026-04-12T12:55:00Z"},{"value":"0.22336","scoring_system":"epss","scoring_elements":"0.95797","published_at":"2026-04-04T12:55:00Z"},{"value":"0.22336","scoring_system":"epss","scoring_elements":"0.958","published_at":"2026-04-07T12:55:00Z"},{"value":"0.23201","scoring_system":"epss","scoring_elements":"0.95911","published_at":"2026-04-02T12:55:00Z"},{"value":"0.23201","scoring_system":"epss","scoring_elements":"0.95903","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631420","reference_id":"1631420","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631420"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909673","reference_id":"909673","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909673"},{"reference_url":"https://usn.ubuntu.com/3817-1/","reference_id":"USN-3817-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3817-1/"},{"reference_url":"https://usn.ubuntu.com/3817-2/","reference_id":"USN-3817-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3817-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037389?format=json","purl":"pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1050685?format=json","purl":"pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1"}],"aliases":["CVE-2018-1000802"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hcq4-yq9k-jygb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51185?format=json","vulnerability_id":"VCID-hgwh-tzsf-suc1","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0772.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0772.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0772","reference_id":"","reference_type":"","scores":[{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90443","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90459","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90464","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90476","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90482","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.9049","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90483","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1303647","reference_id":"1303647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1303647"},{"reference_url":"https://github.com/tintinweb/pub/tree/11f6ebda59ad878377df78351f8ab580660d0024/pocs/cve-2016-0772","reference_id":"CVE-2016-0772","reference_type":"exploit","scores":[],"url":"https://github.com/tintinweb/pub/tree/11f6ebda59ad878377df78351f8ab580660d0024/pocs/cve-2016-0772"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43500.txt","reference_id":"CVE-2016-0772","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43500.txt"},{"reference_url":"https://security.gentoo.org/glsa/201701-18","reference_id":"GLSA-201701-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1626","reference_id":"RHSA-2016:1626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1627","reference_id":"RHSA-2016:1627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1628","reference_id":"RHSA-2016:1628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1629","reference_id":"RHSA-2016:1629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1630","reference_id":"RHSA-2016:1630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1630"},{"reference_url":"https://usn.ubuntu.com/3134-1/","reference_id":"USN-3134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037389?format=json","purl":"pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3"}],"aliases":["CVE-2016-0772"],"risk_score":8.6,"exploitability":"2.0","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hgwh-tzsf-suc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63532?format=json","vulnerability_id":"VCID-j9s6-2y47-zbbt","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/errata/RHBA-2019:0327","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHBA-2019:0327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3505","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1260","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1260"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1061.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1061.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1061","reference_id":"","reference_type":"","scores":[{"value":"0.01476","scoring_system":"epss","scoring_elements":"0.80908","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01476","scoring_system":"epss","scoring_elements":"0.80966","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01476","scoring_system":"epss","scoring_elements":"0.80964","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01476","scoring_system":"epss","scoring_elements":"0.80972","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01476","scoring_system":"epss","scoring_elements":"0.80988","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01476","scoring_system":"epss","scoring_elements":"0.80974","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01476","scoring_system":"epss","scoring_elements":"0.80917","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01476","scoring_system":"epss","scoring_elements":"0.80939","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01476","scoring_system":"epss","scoring_elements":"0.80937","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1061"},{"reference_url":"https://bugs.python.org/issue32981","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue32981"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1061","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647"},{"reference_url":"https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1","reference_id":"","reference_type":"","scores":[],"url":"https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1"},{"reference_url":"https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1","reference_id":"","reference_type":"","scores":[],"url":"https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4306","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4306"},{"reference_url":"https://www.debian.org/security/2018/dsa-4307","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4307"},{"reference_url":"http://www.securitytracker.com/id/1042001","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1042001"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549192","reference_id":"1549192","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549192"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.7.0:alpha1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.7.0:alpha2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.7.0:alpha3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.7.0:alpha4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.7.0:beta1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.7.0:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.7.0:beta3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.7.0:beta4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.7.0:beta5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.7.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1061","reference_id":"CVE-2018-1061","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3041","reference_id":"RHSA-2018:3041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1268","reference_id":"RHSA-2020:1268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1346","reference_id":"RHSA-2020:1346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1346"},{"reference_url":"https://usn.ubuntu.com/3817-1/","reference_id":"USN-3817-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3817-1/"},{"reference_url":"https://usn.ubuntu.com/3817-2/","reference_id":"USN-3817-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3817-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037389?format=json","purl":"pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1050685?format=json","purl":"pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1"}],"aliases":["CVE-2018-1061"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j9s6-2y47-zbbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59780?format=json","vulnerability_id":"VCID-k18q-3e9y-ykgf","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html"},{"reference_url":"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3335","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3335"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9948.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9948.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9948","reference_id":"","reference_type":"","scores":[{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76418","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76481","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76464","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76477","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76503","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76421","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.7645","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76431","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9948"},{"reference_url":"https://bugs.python.org/issue35907","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue35907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/pull/11842","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/pull/11842"},{"reference_url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/"},{"reference_url":"https://seclists.org/bugtraq/2019/Oct/29","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Oct/29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190404-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190404-0004/"},{"reference_url":"http://www.securityfocus.com/bid/107549","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107549"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695570","reference_id":"1695570","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695570"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9948","reference_id":"CVE-2019-9948","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9948"},{"reference_url":"https://security.gentoo.org/glsa/202003-26","reference_id":"GLSA-202003-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1700","reference_id":"RHSA-2019:1700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2030","reference_id":"RHSA-2019:2030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3520","reference_id":"RHSA-2019:3520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1268","reference_id":"RHSA-2020:1268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1346","reference_id":"RHSA-2020:1346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1462","reference_id":"RHSA-2020:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1462"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050685?format=json","purl":"pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1"}],"aliases":["CVE-2019-9948"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k18q-3e9y-ykgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83267?format=json","vulnerability_id":"VCID-ppqx-qup8-sqbz","summary":"python: email.utils.parseaddr wrongly parses email addresses","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16056.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16056.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16056","reference_id":"","reference_type":"","scores":[{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75591","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75624","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75594","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75604","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75638","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75649","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75674","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01217","scoring_system":"epss","scoring_elements":"0.79032","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01217","scoring_system":"epss","scoring_elements":"0.79042","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16056"},{"reference_url":"https://bugs.python.org/issue34155","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue34155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9"},{"reference_url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190926-0005/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190926-0005/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1749839","reference_id":"1749839","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1749839"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940901","reference_id":"940901","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940901"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16056","reference_id":"CVE-2019-16056","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3948","reference_id":"RHSA-2019:3948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1131","reference_id":"RHSA-2020:1131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1132","reference_id":"RHSA-2020:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1605","reference_id":"RHSA-2020:1605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1764","reference_id":"RHSA-2020:1764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2520","reference_id":"RHSA-2020:2520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2520"},{"reference_url":"https://usn.ubuntu.com/4151-1/","reference_id":"USN-4151-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4151-1/"},{"reference_url":"https://usn.ubuntu.com/4151-2/","reference_id":"USN-4151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4151-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-16056"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ppqx-qup8-sqbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50772?format=json","vulnerability_id":"VCID-tyk4-kazt-kydj","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20907.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20907.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20907","reference_id":"","reference_type":"","scores":[{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55257","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55355","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.5538","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55358","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55408","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55419","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55397","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55379","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1856481","reference_id":"1856481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1856481"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099","reference_id":"970099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099"},{"reference_url":"https://security.gentoo.org/glsa/202008-01","reference_id":"GLSA-202008-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4273","reference_id":"RHSA-2020:4273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4285","reference_id":"RHSA-2020:4285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4299","reference_id":"RHSA-2020:4299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4433","reference_id":"RHSA-2020:4433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4641","reference_id":"RHSA-2020:4641","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4641"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4654","reference_id":"RHSA-2020:4654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5009","reference_id":"RHSA-2020:5009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5010","reference_id":"RHSA-2020:5010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0528","reference_id":"RHSA-2021:0528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0761","reference_id":"RHSA-2021:0761","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0761"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0881","reference_id":"RHSA-2021:0881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0949","reference_id":"RHSA-2021:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0949"},{"reference_url":"https://usn.ubuntu.com/4428-1/","reference_id":"USN-4428-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4428-1/"},{"reference_url":"https://usn.ubuntu.com/4754-3/","reference_id":"USN-4754-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-3/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-20907"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tyk4-kazt-kydj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85004?format=json","vulnerability_id":"VCID-ugfy-dufq-hfb2","summary":"CGIHandler: sets environmental variable based on user supplied Proxy request header","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000110.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000110.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1000110","reference_id":"","reference_type":"","scores":[{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90601","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90591","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90598","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90607","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90572","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.9058","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09899","scoring_system":"epss","scoring_elements":"0.92986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09899","scoring_system":"epss","scoring_elements":"0.92978","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1000110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1357334","reference_id":"1357334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1357334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1626","reference_id":"RHSA-2016:1626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1627","reference_id":"RHSA-2016:1627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1628","reference_id":"RHSA-2016:1628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1629","reference_id":"RHSA-2016:1629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1630","reference_id":"RHSA-2016:1630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1630"},{"reference_url":"https://usn.ubuntu.com/3134-1/","reference_id":"USN-3134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037389?format=json","purl":"pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3"}],"aliases":["CVE-2016-1000110"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugfy-dufq-hfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82060?format=json","vulnerability_id":"VCID-v84j-ugn9-w3c8","summary":"python: XSS vulnerability in the documentation XML-RPC server in server_title field","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16935","reference_id":"","reference_type":"","scores":[{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84528","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84605","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84595","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84614","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84609","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84542","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84564","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84567","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84589","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16935"},{"reference_url":"https://bugs.python.org/issue38243","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue38243"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897"},{"reference_url":"https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213"},{"reference_url":"https://github.com/python/cpython/pull/16373","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/pull/16373"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191017-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191017-0004/"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149","reference_id":"1027149","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1763229","reference_id":"1763229","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1763229"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16935","reference_id":"CVE-2019-16935","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1605","reference_id":"RHSA-2020:1605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3888","reference_id":"RHSA-2020:3888","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3888"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3911","reference_id":"RHSA-2020:3911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4285","reference_id":"RHSA-2020:4285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4433","reference_id":"RHSA-2020:4433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0949","reference_id":"RHSA-2021:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0949"},{"reference_url":"https://usn.ubuntu.com/4151-1/","reference_id":"USN-4151-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4151-1/"},{"reference_url":"https://usn.ubuntu.com/4151-2/","reference_id":"USN-4151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4151-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-16935"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v84j-ugn9-w3c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38909?format=json","vulnerability_id":"VCID-vpwj-d49q-1uh8","summary":"Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0391","reference_id":"","reference_type":"","scores":[{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79807","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79865","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79815","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79857","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79835","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79823","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79852","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.7986","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79882","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2047376","reference_id":"2047376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2047376"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/","reference_id":"CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/"},{"reference_url":"https://bugs.python.org/issue43882","reference_id":"issue43882","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://bugs.python.org/issue43882"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220225-0009/","reference_id":"ntap-20220225-0009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220225-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1663","reference_id":"RHSA-2022:1663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1764","reference_id":"RHSA-2022:1764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1821","reference_id":"RHSA-2022:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6457","reference_id":"RHSA-2022:6457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6457"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/","reference_id":"UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/"},{"reference_url":"https://usn.ubuntu.com/5342-1/","reference_id":"USN-5342-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5342-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5342-2/","reference_id":"USN-USN-5342-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5342-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2022-0391"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpwj-d49q-1uh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36442?format=json","vulnerability_id":"VCID-w6k8-js68-87g4","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which might allow attackers to access sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-23336","reference_id":"","reference_type":"","scores":[{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53358","published_at":"2026-04-12T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53323","published_at":"2026-04-09T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53374","published_at":"2026-04-11T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53329","published_at":"2026-04-08T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53276","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54301","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54251","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54271","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-23336"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928904","reference_id":"1928904","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928904"},{"reference_url":"https://github.com/python/cpython/pull/24297","reference_id":"24297","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://github.com/python/cpython/pull/24297"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/","reference_id":"3EPYWWFDV22CJ5AOH5VCE72DOASZZ255","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/","reference_id":"3YKKDLXL3UEZ3J426C2XTBS63AHE46SM","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/02/19/4","reference_id":"4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/02/19/4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/","reference_id":"46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090","reference_id":"983090","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090"},{"reference_url":"https://security.archlinux.org/ASA-202102-28","reference_id":"ASA-202102-28","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-28"},{"reference_url":"https://security.archlinux.org/ASA-202102-37","reference_id":"ASA-202102-37","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-37"},{"reference_url":"https://security.archlinux.org/AVG-1465","reference_id":"AVG-1465","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1465"},{"reference_url":"https://security.archlinux.org/AVG-1593","reference_id":"AVG-1593","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1593"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23336","reference_id":"CVE-2021-23336","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23336"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/","reference_id":"FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/"},{"reference_url":"https://security.gentoo.org/glsa/202104-04","reference_id":"GLSA-202104-04","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://security.gentoo.org/glsa/202104-04"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/","reference_id":"HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/","reference_id":"HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/","reference_id":"IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/","reference_id":"KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/","reference_id":"LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/","reference_id":"MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/","reference_id":"MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html","reference_id":"msg00030.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/","reference_id":"N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/","reference_id":"NJSCSN722JO2E2AGPWD4NTGVELVRPB4R","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/","reference_id":"NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210326-0004/","reference_id":"ntap-20210326-0004","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210326-0004/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/","reference_id":"OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/"},{"reference_url":"https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E","reference_id":"rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1633","reference_id":"RHSA-2021:1633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3252","reference_id":"RHSA-2021:3252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4151","reference_id":"RHSA-2021:4151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4162","reference_id":"RHSA-2021:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4162"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/","reference_id":"RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/","reference_id":"SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/"},{"reference_url":"https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933","reference_id":"SNYK-UPSTREAM-PYTHONCPYTHON-1074933","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/","reference_id":"TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/"},{"reference_url":"https://usn.ubuntu.com/4742-1/","reference_id":"USN-4742-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4742-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/","reference_id":"W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2021-23336"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6k8-js68-87g4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34127?format=json","vulnerability_id":"VCID-wq7w-nrar-ykde","summary":"A buffer overflow in Python might allow remote attackers to execute\n    arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000158.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000158.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000158","reference_id":"","reference_type":"","scores":[{"value":"0.0359","scoring_system":"epss","scoring_elements":"0.87757","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0359","scoring_system":"epss","scoring_elements":"0.87726","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0359","scoring_system":"epss","scoring_elements":"0.87747","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0359","scoring_system":"epss","scoring_elements":"0.87753","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0359","scoring_system":"epss","scoring_elements":"0.87764","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0359","scoring_system":"epss","scoring_elements":"0.87758","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03719","scoring_system":"epss","scoring_elements":"0.87923","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03719","scoring_system":"epss","scoring_elements":"0.87933","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03719","scoring_system":"epss","scoring_elements":"0.87946","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000158"},{"reference_url":"https://bugs.python.org/issue30657","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue30657"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230216-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20230216-0001/"},{"reference_url":"https://www.debian.org/security/2018/dsa-4307","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4307"},{"reference_url":"http://www.securitytracker.com/id/1039890","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039890"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1519595","reference_id":"1519595","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1519595"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000158","reference_id":"CVE-2017-1000158","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000158"},{"reference_url":"https://security.gentoo.org/glsa/201805-02","reference_id":"GLSA-201805-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-02"},{"reference_url":"https://usn.ubuntu.com/3496-1/","reference_id":"USN-3496-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3496-1/"},{"reference_url":"https://usn.ubuntu.com/3496-2/","reference_id":"USN-3496-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3496-2/"},{"reference_url":"https://usn.ubuntu.com/3496-3/","reference_id":"USN-3496-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3496-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050685?format=json","purl":"pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1"}],"aliases":["CVE-2017-1000158"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wq7w-nrar-ykde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59774?format=json","vulnerability_id":"VCID-wxhp-wayg-qbd1","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00097.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00097.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00024.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/errata/RHBA-2019:0763","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHBA-2019:0763"},{"reference_url":"https://access.redhat.com/errata/RHBA-2019:0764","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHBA-2019:0764"},{"reference_url":"https://access.redhat.com/errata/RHBA-2019:0959","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHBA-2019:0959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0981","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0981"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9636.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9636.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9636","reference_id":"","reference_type":"","scores":[{"value":"0.08786","scoring_system":"epss","scoring_elements":"0.9248","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08786","scoring_system":"epss","scoring_elements":"0.92495","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08786","scoring_system":"epss","scoring_elements":"0.92486","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08786","scoring_system":"epss","scoring_elements":"0.92499","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08786","scoring_system":"epss","scoring_elements":"0.9251","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08786","scoring_system":"epss","scoring_elements":"0.92515","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08786","scoring_system":"epss","scoring_elements":"0.92521","published_at":"2026-04-11T12:55:00Z"},{"value":"0.11474","scoring_system":"epss","scoring_elements":"0.93606","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11474","scoring_system":"epss","scoring_elements":"0.93607","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9636"},{"reference_url":"https://bugs.python.org/issue36216","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue36216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/pull/12201","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/pull/12201"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFBAAGM27H73OLYBUA2IAZFSUN6KGLME/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFBAAGM27H73OLYBUA2IAZFSUN6KGLME/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFAXBEY2TGOBDRKTR556JBXBVFSAKD6I/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFAXBEY2TGOBDRKTR556JBXBVFSAKD6I/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L25RTMKCF62DLC2XVSNXGX7C7HXISLVM/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L25RTMKCF62DLC2XVSNXGX7C7HXISLVM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/"},{"reference_url":"https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html","reference_id":"","reference_type":"","scores":[],"url":"https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190517-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190517-0001/"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"http://www.securityfocus.com/bid/107400","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107400"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688543","reference_id":"1688543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688543"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924073","reference_id":"924073","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924073"},{"reference_url":"https://security.archlinux.org/ASA-201906-17","reference_id":"ASA-201906-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201906-17"},{"reference_url":"https://security.archlinux.org/AVG-977","reference_id":"AVG-977","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-977"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9636","reference_id":"CVE-2019-9636","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9636"},{"reference_url":"https://security.gentoo.org/glsa/202003-26","reference_id":"GLSA-202003-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0710","reference_id":"RHSA-2019:0710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0765","reference_id":"RHSA-2019:0765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0806","reference_id":"RHSA-2019:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0902","reference_id":"RHSA-2019:0902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0997","reference_id":"RHSA-2019:0997","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0997"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1467","reference_id":"RHSA-2019:1467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2980","reference_id":"RHSA-2019:2980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3170","reference_id":"RHSA-2019:3170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3170"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050685?format=json","purl":"pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1"}],"aliases":["CVE-2019-9636"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxhp-wayg-qbd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59778?format=json","vulnerability_id":"VCID-x7h3-nmjt-aud5","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1260","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3335","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3335"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9947.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9947","reference_id":"","reference_type":"","scores":[{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78546","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78596","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78598","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78623","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78605","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78553","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78584","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78566","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78592","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9947"},{"reference_url":"https://bugs.python.org/issue35906","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue35906"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9947"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190404-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190404-0004/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/02/04/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2021/02/04/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695572","reference_id":"1695572","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695572"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9947","reference_id":"CVE-2019-9947","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9947"},{"reference_url":"https://security.gentoo.org/glsa/202003-26","reference_id":"GLSA-202003-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2030","reference_id":"RHSA-2019:2030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3520","reference_id":"RHSA-2019:3520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1268","reference_id":"RHSA-2020:1268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1346","reference_id":"RHSA-2020:1346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1462","reference_id":"RHSA-2020:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1462"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-9947"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x7h3-nmjt-aud5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59772?format=json","vulnerability_id":"VCID-xv9p-nyha-xygv","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20852.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20852.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20852","reference_id":"","reference_type":"","scores":[{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83546","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83558","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83573","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83574","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83598","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83606","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83622","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83616","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83611","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20852"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20852"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1740347","reference_id":"1740347","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1740347"},{"reference_url":"https://security.gentoo.org/glsa/202003-26","reference_id":"GLSA-202003-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3948","reference_id":"RHSA-2019:3948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1131","reference_id":"RHSA-2020:1131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1132","reference_id":"RHSA-2020:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1605","reference_id":"RHSA-2020:1605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1764","reference_id":"RHSA-2020:1764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1764"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2018-20852"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xv9p-nyha-xygv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59773?format=json","vulnerability_id":"VCID-yqm8-fk44-4yhk","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5010.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5010.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5010","reference_id":"","reference_type":"","scores":[{"value":"0.05355","scoring_system":"epss","scoring_elements":"0.90078","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05355","scoring_system":"epss","scoring_elements":"0.90056","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05355","scoring_system":"epss","scoring_elements":"0.90071","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05355","scoring_system":"epss","scoring_elements":"0.90077","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05355","scoring_system":"epss","scoring_elements":"0.90086","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05355","scoring_system":"epss","scoring_elements":"0.90084","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0601","scoring_system":"epss","scoring_elements":"0.90659","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0601","scoring_system":"epss","scoring_elements":"0.90675","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0601","scoring_system":"epss","scoring_elements":"0.90664","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0758","reference_id":"","reference_type":"","scores":[],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2019-0758"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666519","reference_id":"1666519","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666519"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921040","reference_id":"921040","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921040"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5010","reference_id":"CVE-2019-5010","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5010"},{"reference_url":"https://security.gentoo.org/glsa/202003-26","reference_id":"GLSA-202003-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2030","reference_id":"RHSA-2019:2030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3520","reference_id":"RHSA-2019:3520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050685?format=json","purl":"pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1"}],"aliases":["CVE-2019-5010"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yqm8-fk44-4yhk"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6858?format=json","vulnerability_id":"VCID-1mw1-384y-huc7","summary":"Uncontrolled Resource Consumption\nAlgorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.","references":[{"reference_url":"http://bugs.python.org/issue17980","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue17980"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2099","reference_id":"","reference_type":"","scores":[{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89926","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89929","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89942","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89948","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89964","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.8997","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89978","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89976","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05238","scoring_system":"epss","scoring_elements":"0.89969","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2099"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066","reference_id":"709066","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067","reference_id":"709067","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068","reference_id":"709068","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069","reference_id":"709069","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070","reference_id":"709070","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=963260","reference_id":"963260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=963260"},{"reference_url":"https://security.gentoo.org/glsa/201401-04","reference_id":"GLSA-201401-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1263","reference_id":"RHSA-2014:1263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1690","reference_id":"RHSA-2014:1690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0042","reference_id":"RHSA-2015:0042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1166","reference_id":"RHSA-2016:1166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1166"},{"reference_url":"https://usn.ubuntu.com/1983-1/","reference_id":"USN-1983-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1983-1/"},{"reference_url":"https://usn.ubuntu.com/1984-1/","reference_id":"USN-1984-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1984-1/"},{"reference_url":"https://usn.ubuntu.com/1985-1/","reference_id":"USN-1985-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1985-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-3mu8-g6x3-effb"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-c97c-3177-wkhx"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-hgwh-tzsf-suc1"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-ugfy-dufq-hfb2"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}],"aliases":["CVE-2013-2099"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mw1-384y-huc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50414?format=json","vulnerability_id":"VCID-8aq9-8cf5-qbet","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"http://bugs.python.org/issue22417","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue22417"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9365.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9365.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9365","reference_id":"","reference_type":"","scores":[{"value":"0.02127","scoring_system":"epss","scoring_elements":"0.84093","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02127","scoring_system":"epss","scoring_elements":"0.84106","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02127","scoring_system":"epss","scoring_elements":"0.84123","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02127","scoring_system":"epss","scoring_elements":"0.84125","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02127","scoring_system":"epss","scoring_elements":"0.84148","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02127","scoring_system":"epss","scoring_elements":"0.84154","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02127","scoring_system":"epss","scoring_elements":"0.84171","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02127","scoring_system":"epss","scoring_elements":"0.84166","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02127","scoring_system":"epss","scoring_elements":"0.84161","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9365"},{"reference_url":"https://security.gentoo.org/glsa/201503-10","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-10"},{"reference_url":"https://support.apple.com/kb/HT205031","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT205031"},{"reference_url":"https://www.python.org/dev/peps/pep-0476/","reference_id":"","reference_type":"","scores":[],"url":"https://www.python.org/dev/peps/pep-0476/"},{"reference_url":"https://www.python.org/downloads/release/python-279/","reference_id":"","reference_type":"","scores":[],"url":"https://www.python.org/downloads/release/python-279/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/12/11/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/12/11/1"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.securityfocus.com/bid/71639","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71639"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1173041","reference_id":"1173041","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1173041"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*","reference_id":"cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*","reference_id":"cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.3:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.3:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.5:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.5:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.6:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.6:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.6:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4:alpha1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.4:alpha1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4:alpha1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9365","reference_id":"CVE-2014-9365","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1162","reference_id":"RHSA-2017:1162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1868","reference_id":"RHSA-2017:1868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1868"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-3mu8-g6x3-effb"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-c97c-3177-wkhx"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-hgwh-tzsf-suc1"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-ugfy-dufq-hfb2"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}],"aliases":["CVE-2014-9365"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8aq9-8cf5-qbet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86237?format=json","vulnerability_id":"VCID-8jfv-cqa8-7yb6","summary":"python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4650.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4650.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4650","reference_id":"","reference_type":"","scores":[{"value":"0.06019","scoring_system":"epss","scoring_elements":"0.90685","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06019","scoring_system":"epss","scoring_elements":"0.9067","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06019","scoring_system":"epss","scoring_elements":"0.90675","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91619","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91623","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91626","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91622","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.916","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91613","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4650"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1113527","reference_id":"1113527","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1113527"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/33894.txt","reference_id":"CVE-2014-4650;OSVDB-108369","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/33894.txt"},{"reference_url":"https://www.redteam-pentesting.de/advisories/rt-sa-2014-008","reference_id":"CVE-2014-4650;OSVDB-108369","reference_type":"exploit","scores":[],"url":"https://www.redteam-pentesting.de/advisories/rt-sa-2014-008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1330","reference_id":"RHSA-2015:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2101","reference_id":"RHSA-2015:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2101"},{"reference_url":"https://usn.ubuntu.com/2653-1/","reference_id":"USN-2653-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2653-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-3mu8-g6x3-effb"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-c97c-3177-wkhx"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-hgwh-tzsf-suc1"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-ugfy-dufq-hfb2"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}],"aliases":["CVE-2014-4650"],"risk_score":5.2,"exploitability":"2.0","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8jfv-cqa8-7yb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55569?format=json","vulnerability_id":"VCID-9jj2-hsne-mbac","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4238.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4238.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4238","reference_id":"","reference_type":"","scores":[{"value":"0.02847","scoring_system":"epss","scoring_elements":"0.8622","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02847","scoring_system":"epss","scoring_elements":"0.86201","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02847","scoring_system":"epss","scoring_elements":"0.86212","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02847","scoring_system":"epss","scoring_elements":"0.86227","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02847","scoring_system":"epss","scoring_elements":"0.86224","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02847","scoring_system":"epss","scoring_elements":"0.86182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02891","scoring_system":"epss","scoring_elements":"0.86262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02891","scoring_system":"epss","scoring_elements":"0.86279","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02891","scoring_system":"epss","scoring_elements":"0.86252","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719566","reference_id":"719566","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719566"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=996381","reference_id":"996381","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=996381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1527","reference_id":"RHSA-2013:1527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1582","reference_id":"RHSA-2013:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1582"},{"reference_url":"https://usn.ubuntu.com/1982-1/","reference_id":"USN-1982-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1982-1/"},{"reference_url":"https://usn.ubuntu.com/1983-1/","reference_id":"USN-1983-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1983-1/"},{"reference_url":"https://usn.ubuntu.com/1984-1/","reference_id":"USN-1984-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1984-1/"},{"reference_url":"https://usn.ubuntu.com/1985-1/","reference_id":"USN-1985-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1985-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-3mu8-g6x3-effb"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-c97c-3177-wkhx"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-hgwh-tzsf-suc1"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-ugfy-dufq-hfb2"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}],"aliases":["CVE-2013-4238"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9jj2-hsne-mbac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50411?format=json","vulnerability_id":"VCID-ez5b-fvw8-hkh3","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1912.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1912.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1912","reference_id":"","reference_type":"","scores":[{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.95985","published_at":"2026-04-01T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.95992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.95999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96013","published_at":"2026-04-08T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96016","published_at":"2026-04-09T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96019","published_at":"2026-04-12T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96021","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1062370","reference_id":"1062370","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1062370"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31875.py","reference_id":"CVE-2014-1912;OSVDB-102929","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31875.py"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1330","reference_id":"RHSA-2015:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1330"},{"reference_url":"https://usn.ubuntu.com/2125-1/","reference_id":"USN-2125-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2125-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-3mu8-g6x3-effb"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-c97c-3177-wkhx"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-hgwh-tzsf-suc1"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-ugfy-dufq-hfb2"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}],"aliases":["CVE-2014-1912"],"risk_score":0.4,"exploitability":"2.0","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ez5b-fvw8-hkh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15630?format=json","vulnerability_id":"VCID-f5vu-k9rc-27fz","summary":"Improper Validation of Array Index\nArray index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.","references":[{"reference_url":"http://bugs.python.org/issue21529","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://bugs.python.org/issue21529"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html"},{"reference_url":"http://openwall.com/lists/oss-security/2014/06/24/7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2014/06/24/7"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1064.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1064.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4616.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4616","reference_id":"","reference_type":"","scores":[{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68161","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68098","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.6812","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68139","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68116","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68167","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68182","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68207","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68194","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4616"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1112285","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1112285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4616"},{"reference_url":"https://github.com/simplejson/simplejson","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/simplejson/simplejson"},{"reference_url":"https://hackerone.com/reports/12297","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hackerone.com/reports/12297"},{"reference_url":"https://security.gentoo.org/glsa/201503-10","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201503-10"},{"reference_url":"http://www.securityfocus.com/bid/68119","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/68119"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-4616","reference_id":"CVE-2014-4616","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-4616"},{"reference_url":"https://github.com/advisories/GHSA-9772-cwx9-r4cj","reference_id":"GHSA-9772-cwx9-r4cj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9772-cwx9-r4cj"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2101","reference_id":"RHSA-2015:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2101"},{"reference_url":"https://usn.ubuntu.com/2653-1/","reference_id":"USN-2653-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2653-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-3mu8-g6x3-effb"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-c97c-3177-wkhx"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-hgwh-tzsf-suc1"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-ugfy-dufq-hfb2"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}],"aliases":["CVE-2014-4616","GHSA-9772-cwx9-r4cj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f5vu-k9rc-27fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86592?format=json","vulnerability_id":"VCID-g81p-pg7g-xfcf","summary":"python: wildcard matching rules do not follow RFC 6125","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7440.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7440.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7440","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58025","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58045","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57912","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57997","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58019","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57993","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58048","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58052","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58068","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7440"},{"reference_url":"https://bugs.python.org/issue17997","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue17997"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7440","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7440"},{"reference_url":"http://seclists.org/oss-sec/2015/q2/483","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/oss-sec/2015/q2/483"},{"reference_url":"http://seclists.org/oss-sec/2015/q2/523","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/oss-sec/2015/q2/523"},{"reference_url":"https://hg.python.org/cpython/rev/10d0edadbcdd","reference_id":"","reference_type":"","scores":[],"url":"https://hg.python.org/cpython/rev/10d0edadbcdd"},{"reference_url":"http://www.securityfocus.com/bid/74707","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/74707"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1224999","reference_id":"1224999","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1224999"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*","reference_id":"cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7440","reference_id":"CVE-2013-7440","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1166","reference_id":"RHSA-2016:1166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1166"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-3mu8-g6x3-effb"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-c97c-3177-wkhx"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-hgwh-tzsf-suc1"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-ugfy-dufq-hfb2"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}],"aliases":["CVE-2013-7440"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g81p-pg7g-xfcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50413?format=json","vulnerability_id":"VCID-mzd5-dwty-bqhf","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"http://bugs.python.org/issue21831","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue21831"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1064.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1064.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1330.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1330.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7185.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7185.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7185","reference_id":"","reference_type":"","scores":[{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75185","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75142","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75145","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75176","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75152","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75186","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75198","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75219","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75197","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/96193","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/96193"},{"reference_url":"https://security.gentoo.org/glsa/201503-10","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-10"},{"reference_url":"https://support.apple.com/kb/HT205031","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT205031"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/09/23/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/09/23/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/09/25/47","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/09/25/47"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/70089","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70089"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1146026","reference_id":"1146026","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1146026"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763848","reference_id":"763848","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763848"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*","reference_id":"cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-7185","reference_id":"CVE-2014-7185","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-7185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1330","reference_id":"RHSA-2015:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2101","reference_id":"RHSA-2015:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2101"},{"reference_url":"https://usn.ubuntu.com/2653-1/","reference_id":"USN-2653-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2653-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-3mu8-g6x3-effb"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-c97c-3177-wkhx"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-hgwh-tzsf-suc1"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-ugfy-dufq-hfb2"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}],"aliases":["CVE-2014-7185"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mzd5-dwty-bqhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86971?format=json","vulnerability_id":"VCID-w85n-mm5g-5yd1","summary":"python: XMLRPC library unrestricted decompression of HTTP responses using gzip enconding","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1753.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1753","reference_id":"","reference_type":"","scores":[{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63827","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63875","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63747","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63835","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63793","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63843","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63861","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1753"},{"reference_url":"https://bugs.python.org/issue16043","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue16043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1753"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046170","reference_id":"1046170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046170"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742929","reference_id":"742929","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742929"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1753","reference_id":"CVE-2013-1753","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2101","reference_id":"RHSA-2015:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2101"},{"reference_url":"https://usn.ubuntu.com/2653-1/","reference_id":"USN-2653-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2653-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-3mu8-g6x3-effb"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-c97c-3177-wkhx"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-hgwh-tzsf-suc1"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-ugfy-dufq-hfb2"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}],"aliases":["CVE-2013-1753"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w85n-mm5g-5yd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34876?format=json","vulnerability_id":"VCID-z6kh-961g-duck","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"http://bugs.python.org/issue6706","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue6706"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3492.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3492.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3492","reference_id":"","reference_type":"","scores":[{"value":"0.01151","scoring_system":"epss","scoring_elements":"0.78446","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01151","scoring_system":"epss","scoring_elements":"0.78493","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01151","scoring_system":"epss","scoring_elements":"0.78498","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01151","scoring_system":"epss","scoring_elements":"0.78523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01151","scoring_system":"epss","scoring_elements":"0.78452","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01151","scoring_system":"epss","scoring_elements":"0.78483","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01151","scoring_system":"epss","scoring_elements":"0.78466","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01356","scoring_system":"epss","scoring_elements":"0.80136","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01356","scoring_system":"epss","scoring_elements":"0.80127","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:215"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:216","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:216"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/09/09/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/09/09/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/09/11/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/09/11/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/09/22/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/09/22/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/09/24/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/09/24/3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=638330","reference_id":"638330","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=638330"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3492","reference_id":"CVE-2010-3492","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3492"},{"reference_url":"https://security.gentoo.org/glsa/201401-04","reference_id":"GLSA-201401-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037387?format=json","purl":"pkg:deb/debian/python2.7@2.7.9-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1taa-a9e4-tbc5"},{"vulnerability":"VCID-2czu-wy37-qugf"},{"vulnerability":"VCID-2shb-2cvn-dyd2"},{"vulnerability":"VCID-3mu8-g6x3-effb"},{"vulnerability":"VCID-4py6-hkzp-v3d4"},{"vulnerability":"VCID-4q79-666d-rygx"},{"vulnerability":"VCID-4z89-3tfk-pyge"},{"vulnerability":"VCID-57c6-hx7f-efc6"},{"vulnerability":"VCID-7jat-6ags-qbdr"},{"vulnerability":"VCID-9mcr-rmtb-mufj"},{"vulnerability":"VCID-c97c-3177-wkhx"},{"vulnerability":"VCID-dkxn-j9dr-sqbp"},{"vulnerability":"VCID-dv5v-71b5-budp"},{"vulnerability":"VCID-gfzb-b7tt-fkgz"},{"vulnerability":"VCID-gkfp-ga1r-jkag"},{"vulnerability":"VCID-hcq4-yq9k-jygb"},{"vulnerability":"VCID-hgwh-tzsf-suc1"},{"vulnerability":"VCID-j9s6-2y47-zbbt"},{"vulnerability":"VCID-k18q-3e9y-ykgf"},{"vulnerability":"VCID-ppqx-qup8-sqbz"},{"vulnerability":"VCID-tyk4-kazt-kydj"},{"vulnerability":"VCID-ugfy-dufq-hfb2"},{"vulnerability":"VCID-v84j-ugn9-w3c8"},{"vulnerability":"VCID-vpwj-d49q-1uh8"},{"vulnerability":"VCID-w6k8-js68-87g4"},{"vulnerability":"VCID-wq7w-nrar-ykde"},{"vulnerability":"VCID-wxhp-wayg-qbd1"},{"vulnerability":"VCID-x7h3-nmjt-aud5"},{"vulnerability":"VCID-xv9p-nyha-xygv"},{"vulnerability":"VCID-yqm8-fk44-4yhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}],"aliases":["CVE-2010-3492"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6kh-961g-duck"}],"risk_score":"8.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2"}