{"url":"http://public2.vulnerablecode.io/api/packages/1037841?format=json","purl":"pkg:deb/debian/zlib@1:1.1.4-1.0woody0","type":"deb","namespace":"debian","name":"zlib","version":"1:1.1.4-1.0woody0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:1.3.dfsg+really1.3.2-3","latest_non_vulnerable_version":"1:1.3.dfsg+really1.3.2-3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89053?format=json","vulnerability_id":"VCID-1vu9-xzw9-kfe2","summary":"zlib DoS","references":[{"reference_url":"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc"},{"reference_url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2096","reference_id":"","reference_type":"","scores":[{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97507","published_at":"2026-05-05T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97466","published_at":"2026-04-01T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97473","published_at":"2026-04-02T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97476","published_at":"2026-04-04T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97477","published_at":"2026-04-07T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97483","published_at":"2026-04-08T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97484","published_at":"2026-04-09T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97487","published_at":"2026-04-11T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97489","published_at":"2026-04-12T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.9749","published_at":"2026-04-13T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97497","published_at":"2026-04-16T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.975","published_at":"2026-04-26T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97499","published_at":"2026-04-24T12:55:00Z"},{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97503","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2096"},{"reference_url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391"},{"reference_url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096"},{"reference_url":"http://secunia.com/advisories/15949","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/15949"},{"reference_url":"http://secunia.com/advisories/17054","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17054"},{"reference_url":"http://secunia.com/advisories/17225","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17225"},{"reference_url":"http://secunia.com/advisories/17236","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17236"},{"reference_url":"http://secunia.com/advisories/17326","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17326"},{"reference_url":"http://secunia.com/advisories/17516","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17516"},{"reference_url":"http://secunia.com/advisories/18377","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18377"},{"reference_url":"http://secunia.com/advisories/18406","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18406"},{"reference_url":"http://secunia.com/advisories/18507","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18507"},{"reference_url":"http://secunia.com/advisories/19550","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19550"},{"reference_url":"http://secunia.com/advisories/19597","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19597"},{"reference_url":"http://secunia.com/advisories/24788","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24788"},{"reference_url":"http://secunia.com/advisories/31492","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31492"},{"reference_url":"http://secunia.com/advisories/32706","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32706"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200507-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200507-05.xml"},{"reference_url":"http://securitytracker.com/id?1014398","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1014398"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/24064","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/24064"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1"},{"reference_url":"http://support.apple.com/kb/HT3298","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3298"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm"},{"reference_url":"http://www.debian.org/security/2005/dsa-740","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-740"},{"reference_url":"http://www.debian.org/security/2005/dsa-797","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-797"},{"reference_url":"http://www.debian.org/security/2006/dsa-1026","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2006/dsa-1026"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"},{"reference_url":"http://www.kb.cert.org/vuls/id/680620","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/680620"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:112","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:112"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:196","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:070","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-569.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-569.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0629.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0629.html"},{"reference_url":"http://www.securityfocus.com/archive/1/421411/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/421411/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/464745/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/464745/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482503/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482503/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482505/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482505/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482571/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482571/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482601/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482601/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482949/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482949/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/482950/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/482950/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/14162","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/14162"},{"reference_url":"http://www.ubuntulinux.org/usn/usn-151-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntulinux.org/usn/usn-151-3"},{"reference_url":"http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"},{"reference_url":"http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"},{"reference_url":"http://www.vupen.com/english/advisories/2005/0978","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2005/0978"},{"reference_url":"http://www.vupen.com/english/advisories/2006/0144","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/0144"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1267","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1267"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133","reference_id":"317133","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523","reference_id":"317523","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966","reference_id":"317966","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967","reference_id":"317967","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968","reference_id":"317968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014","reference_id":"318014","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318069","reference_id":"318069","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318069"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091","reference_id":"318091","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099","reference_id":"318099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100","reference_id":"318100","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318246","reference_id":"318246","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236","reference_id":"332236","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430650","reference_id":"430650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430650"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zlib:zlib:1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zlib:zlib:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2096","reference_id":"CVE-2005-2096","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:569","reference_id":"RHSA-2005:569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0264","reference_id":"RHSA-2008:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0525","reference_id":"RHSA-2008:0525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0629","reference_id":"RHSA-2008:0629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0629"},{"reference_url":"https://usn.ubuntu.com/148-1/","reference_id":"USN-148-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/148-1/"},{"reference_url":"https://usn.ubuntu.com/151-2/","reference_id":"USN-151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-2/"},{"reference_url":"https://usn.ubuntu.com/151-3/","reference_id":"USN-151-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-3/"},{"reference_url":"https://usn.ubuntu.com/151-4/","reference_id":"USN-151-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037843?format=json","purl":"pkg:deb/debian/zlib@1:1.2.3-13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3aq8-fkrc-hqa2"},{"vulnerability":"VCID-eyjp-7kks-jbfr"},{"vulnerability":"VCID-m6xx-a91r-sbhu"},{"vulnerability":"VCID-mr6h-6jrp-gyf3"},{"vulnerability":"VCID-smft-ms93-6kf1"},{"vulnerability":"VCID-xd6j-x83x-r3gn"},{"vulnerability":"VCID-ys8b-uuv1-pkfm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.3-13"}],"aliases":["CVE-2005-2096"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1vu9-xzw9-kfe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65193?format=json","vulnerability_id":"VCID-3aq8-fkrc-hqa2","summary":"zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22184.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22184.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22184","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04137","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04175","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04206","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04221","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04203","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04186","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04161","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00451","published_at":"2026-04-29T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00425","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00455","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00453","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00421","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22184"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22184"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427688","reference_id":"2427688","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427688"},{"reference_url":"https://seclists.org/fulldisclosure/2026/Jan/3","reference_id":"3","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://seclists.org/fulldisclosure/2026/Jan/3"},{"reference_url":"https://github.com/madler/zlib","reference_id":"zlib","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://github.com/madler/zlib"},{"reference_url":"https://zlib.net/","reference_id":"zlib.net","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://zlib.net/"},{"reference_url":"https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname","reference_id":"zlib-untgz-global-buffer-overflow-in-tgzfname","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-01-07T21:17:54Z/"}],"url":"https://www.vulncheck.com/advisories/zlib-untgz-global-buffer-overflow-in-tgzfname"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037846?format=json","purl":"pkg:deb/debian/zlib@1:1.2.7.dfsg-13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-eyjp-7kks-jbfr"},{"vulnerability":"VCID-m6xx-a91r-sbhu"},{"vulnerability":"VCID-mr6h-6jrp-gyf3"},{"vulnerability":"VCID-smft-ms93-6kf1"},{"vulnerability":"VCID-xd6j-x83x-r3gn"},{"vulnerability":"VCID-ys8b-uuv1-pkfm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.7.dfsg-13"}],"aliases":["CVE-2026-22184"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3aq8-fkrc-hqa2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56189?format=json","vulnerability_id":"VCID-eyjp-7kks-jbfr","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9841","reference_id":"","reference_type":"","scores":[{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94242","published_at":"2026-05-05T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94208","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94213","published_at":"2026-04-12T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94214","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94229","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94234","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94237","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94204","published_at":"2026-04-08T12:55:00Z"},{"value":"0.20281","scoring_system":"epss","scoring_elements":"0.95488","published_at":"2026-04-02T12:55:00Z"},{"value":"0.20281","scoring_system":"epss","scoring_elements":"0.95494","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20281","scoring_system":"epss","scoring_elements":"0.95479","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20848","scoring_system":"epss","scoring_elements":"0.95599","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402346","reference_id":"1402346","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402346"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270","reference_id":"847270","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037848?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xd6j-x83x-r3gn"},{"vulnerability":"VCID-ys8b-uuv1-pkfm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-5"}],"aliases":["CVE-2016-9841"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eyjp-7kks-jbfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56190?format=json","vulnerability_id":"VCID-m6xx-a91r-sbhu","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9842","reference_id":"","reference_type":"","scores":[{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93839","published_at":"2026-04-26T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93842","published_at":"2026-04-24T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93845","published_at":"2026-05-05T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93789","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93832","published_at":"2026-04-16T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93809","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93837","published_at":"2026-04-29T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.9377","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93804","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93793","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93779","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402348","reference_id":"1402348","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402348"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/12/05/21","reference_id":"21","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/12/05/21"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274","reference_id":"847274","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"http://www.securityfocus.com/bid/95131","reference_id":"95131","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.securityfocus.com/bid/95131"},{"reference_url":"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib","reference_id":"Completed#zlib","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"},{"reference_url":"https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958","reference_id":"e54e1299404101a5a9d0cf5e45512b543967f958","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html","reference_id":"msg00027.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html","reference_id":"msg00030.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html","reference_id":"msg00050.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html","reference_id":"msg00053.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html","reference_id":"msg00127.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf","reference_id":"Zlib-report.pdf","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037848?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xd6j-x83x-r3gn"},{"vulnerability":"VCID-ys8b-uuv1-pkfm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-5"}],"aliases":["CVE-2016-9842"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m6xx-a91r-sbhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56188?format=json","vulnerability_id":"VCID-mr6h-6jrp-gyf3","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9840","reference_id":"","reference_type":"","scores":[{"value":"0.07707","scoring_system":"epss","scoring_elements":"0.91936","published_at":"2026-04-21T12:55:00Z"},{"value":"0.10009","scoring_system":"epss","scoring_elements":"0.93087","published_at":"2026-05-05T12:55:00Z"},{"value":"0.10009","scoring_system":"epss","scoring_elements":"0.93084","published_at":"2026-04-26T12:55:00Z"},{"value":"0.10009","scoring_system":"epss","scoring_elements":"0.9308","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.9405","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94072","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94076","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94081","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94097","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94102","published_at":"2026-04-18T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94041","published_at":"2026-04-01T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.9406","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402345","reference_id":"1402345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402345"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270","reference_id":"847270","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10541","reference_id":"RHSA-2025:10541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11048","reference_id":"RHSA-2025:11048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12013","reference_id":"RHSA-2025:12013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13947","reference_id":"RHSA-2025:13947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8284","reference_id":"RHSA-2025:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8314","reference_id":"RHSA-2025:8314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8395","reference_id":"RHSA-2025:8395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8395"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037848?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xd6j-x83x-r3gn"},{"vulnerability":"VCID-ys8b-uuv1-pkfm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-5"}],"aliases":["CVE-2016-9840"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mr6h-6jrp-gyf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57323?format=json","vulnerability_id":"VCID-s8dx-tft2-nfg6","summary":"The zlib library contains a Denial of Service vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0797","reference_id":"","reference_type":"","scores":[{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84042","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84072","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84073","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84097","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84103","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.8412","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84115","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.8411","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84133","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84134","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84138","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84162","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84169","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84173","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02112","scoring_system":"epss","scoring_elements":"0.84194","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0797"},{"reference_url":"https://security.gentoo.org/glsa/200408-26","reference_id":"GLSA-200408-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200408-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037842?format=json","purl":"pkg:deb/debian/zlib@1:1.2.2-4.sarge.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vu9-xzw9-kfe2"},{"vulnerability":"VCID-3aq8-fkrc-hqa2"},{"vulnerability":"VCID-eyjp-7kks-jbfr"},{"vulnerability":"VCID-m6xx-a91r-sbhu"},{"vulnerability":"VCID-mr6h-6jrp-gyf3"},{"vulnerability":"VCID-smft-ms93-6kf1"},{"vulnerability":"VCID-sn99-6y6w-ybc6"},{"vulnerability":"VCID-xd6j-x83x-r3gn"},{"vulnerability":"VCID-ys8b-uuv1-pkfm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.2-4.sarge.2"}],"aliases":["CVE-2004-0797"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s8dx-tft2-nfg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56191?format=json","vulnerability_id":"VCID-smft-ms93-6kf1","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9843","reference_id":"","reference_type":"","scores":[{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.9454","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94547","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94555","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94557","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94567","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94571","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94575","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94577","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94578","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.9459","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94595","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.946","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94609","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402351","reference_id":"1402351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402351"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275","reference_id":"847275","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://usn.ubuntu.com/7959-1/","reference_id":"USN-7959-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7959-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037848?format=json","purl":"pkg:deb/debian/zlib@1:1.2.8.dfsg-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xd6j-x83x-r3gn"},{"vulnerability":"VCID-ys8b-uuv1-pkfm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.8.dfsg-5"}],"aliases":["CVE-2016-9843"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-smft-ms93-6kf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47390?format=json","vulnerability_id":"VCID-sn99-6y6w-ybc6","summary":"Pngcrush is vulnerable to a buffer overflow which could potentially lead to\n    the execution of arbitrary code.","references":[{"reference_url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1849.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1849.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1849","reference_id":"","reference_type":"","scores":[{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92107","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92053","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92059","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92067","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92071","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92083","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92087","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.9209","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92086","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92097","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92095","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92094","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92099","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07988","scoring_system":"epss","scoring_elements":"0.92096","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1849"},{"reference_url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849"},{"reference_url":"http://secunia.com/advisories/16137","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16137"},{"reference_url":"http://secunia.com/advisories/17326","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17326"},{"reference_url":"http://secunia.com/advisories/17516","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17516"},{"reference_url":"http://secunia.com/advisories/18377","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18377"},{"reference_url":"http://secunia.com/advisories/19334","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19334"},{"reference_url":"http://secunia.com/advisories/19550","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19550"},{"reference_url":"http://secunia.com/advisories/19597","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19597"},{"reference_url":"http://secunia.com/advisories/24788","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24788"},{"reference_url":"http://secunia.com/advisories/31492","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31492"},{"reference_url":"http://security.debian.org/pool/updates/main/z/zlib/zlib_1.2.2-4.sarge.2.diff.gz","reference_id":"","reference_type":"","scores":[],"url":"http://security.debian.org/pool/updates/main/z/zlib/zlib_1.2.2-4.sarge.2.diff.gz"},{"reference_url":"http://securitytracker.com/id?1014540","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1014540"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/21456","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/21456"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11402","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11402"},{"reference_url":"http://www.debian.org/security/2005/dsa-763","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-763"},{"reference_url":"http://www.debian.org/security/2005/dsa-797","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-797"},{"reference_url":"http://www.debian.org/security/2006/dsa-1026","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2006/dsa-1026"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200603-18.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200603-18.xml"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:196","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:070","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_43_zlib.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_43_zlib.html"},{"reference_url":"http://www.osvdb.org/18141","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/18141"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-584.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-584.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0629.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0629.html"},{"reference_url":"http://www.securityfocus.com/archive/1/464745/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/464745/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/14340","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/14340"},{"reference_url":"http://www.ubuntulinux.org/usn/usn-151-3","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntulinux.org/usn/usn-151-3"},{"reference_url":"http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"},{"reference_url":"http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1267","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1267"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430649","reference_id":"430649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430649"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1849","reference_id":"CVE-2005-1849","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1849"},{"reference_url":"https://security.gentoo.org/glsa/200603-18","reference_id":"GLSA-200603-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200603-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:584","reference_id":"RHSA-2005:584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0264","reference_id":"RHSA-2008:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0525","reference_id":"RHSA-2008:0525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0629","reference_id":"RHSA-2008:0629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0629"},{"reference_url":"https://usn.ubuntu.com/151-1/","reference_id":"USN-151-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-1/"},{"reference_url":"https://usn.ubuntu.com/151-2/","reference_id":"USN-151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-2/"},{"reference_url":"https://usn.ubuntu.com/151-3/","reference_id":"USN-151-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-3/"},{"reference_url":"https://usn.ubuntu.com/151-4/","reference_id":"USN-151-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037843?format=json","purl":"pkg:deb/debian/zlib@1:1.2.3-13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3aq8-fkrc-hqa2"},{"vulnerability":"VCID-eyjp-7kks-jbfr"},{"vulnerability":"VCID-m6xx-a91r-sbhu"},{"vulnerability":"VCID-mr6h-6jrp-gyf3"},{"vulnerability":"VCID-smft-ms93-6kf1"},{"vulnerability":"VCID-xd6j-x83x-r3gn"},{"vulnerability":"VCID-ys8b-uuv1-pkfm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.3-13"}],"aliases":["CVE-2005-1849"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sn99-6y6w-ybc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13518?format=json","vulnerability_id":"VCID-xd6j-x83x-r3gn","summary":"Out-of-bounds Write\nzlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25032.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25032","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24102","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23937","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.24064","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25241","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.2528","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25309","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25318","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25282","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.2535","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25394","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25406","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25364","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25311","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25068","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25188","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25232","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25032"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032"},{"reference_url":"http://seclists.org/fulldisclosure/2022/May/33","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://seclists.org/fulldisclosure/2022/May/33"},{"reference_url":"http://seclists.org/fulldisclosure/2022/May/35","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://seclists.org/fulldisclosure/2022/May/35"},{"reference_url":"http://seclists.org/fulldisclosure/2022/May/38","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://seclists.org/fulldisclosure/2022/May/38"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"},{"reference_url":"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"},{"reference_url":"https://github.com/madler/zlib/issues/605","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://github.com/madler/zlib/issues/605"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"},{"reference_url":"https://security.gentoo.org/glsa/202210-42","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://security.gentoo.org/glsa/202210-42"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220526-0009","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220526-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220526-0009/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220526-0009/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220729-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0004/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220729-0004/"},{"reference_url":"https://support.apple.com/kb/HT213255","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://support.apple.com/kb/HT213255"},{"reference_url":"https://support.apple.com/kb/HT213256","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://support.apple.com/kb/HT213256"},{"reference_url":"https://support.apple.com/kb/HT213257","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://support.apple.com/kb/HT213257"},{"reference_url":"https://www.debian.org/security/2022/dsa-5111","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.debian.org/security/2022/dsa-5111"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/03/24/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/03/24/1"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/03/28/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/03/28/1"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/03/28/3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/03/28/3"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/03/25/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/03/25/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/03/26/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/03/26/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008265","reference_id":"1008265","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008265"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2067945","reference_id":"2067945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2067945"},{"reference_url":"https://security.archlinux.org/ASA-202204-3","reference_id":"ASA-202204-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-3"},{"reference_url":"https://security.archlinux.org/AVG-2657","reference_id":"AVG-2657","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2657"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25032","reference_id":"CVE-2018-25032","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25032"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-25032.yml","reference_id":"CVE-2018-25032.YML","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-25032.yml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/","reference_id":"DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/","reference_id":"DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"},{"reference_url":"https://github.com/advisories/GHSA-jc36-42cf-vqwj","reference_id":"GHSA-jc36-42cf-vqwj","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jc36-42cf-vqwj"},{"reference_url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5","reference_id":"GHSA-v6gp-9mmm-c6p5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-v6gp-9mmm-c6p5"},{"reference_url":"https://security.gentoo.org/glsa/202405-22","reference_id":"GLSA-202405-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-22"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/","reference_id":"JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/","reference_id":"NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1591","reference_id":"RHSA-2022:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1642","reference_id":"RHSA-2022:1642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1661","reference_id":"RHSA-2022:1661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2192","reference_id":"RHSA-2022:2192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2197","reference_id":"RHSA-2022:2197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2198","reference_id":"RHSA-2022:2198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2201","reference_id":"RHSA-2022:2201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2213","reference_id":"RHSA-2022:2213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2213"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2214","reference_id":"RHSA-2022:2214","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2214"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4584","reference_id":"RHSA-2022:4584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4592","reference_id":"RHSA-2022:4592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4845","reference_id":"RHSA-2022:4845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4896","reference_id":"RHSA-2022:4896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5439","reference_id":"RHSA-2022:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7144","reference_id":"RHSA-2022:7144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7813","reference_id":"RHSA-2022:7813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8420","reference_id":"RHSA-2022:8420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0943","reference_id":"RHSA-2023:0943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0975","reference_id":"RHSA-2023:0975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0976","reference_id":"RHSA-2023:0976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0976"},{"reference_url":"https://usn.ubuntu.com/5355-1/","reference_id":"USN-5355-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5355-1/"},{"reference_url":"https://usn.ubuntu.com/5355-2/","reference_id":"USN-5355-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5355-2/"},{"reference_url":"https://usn.ubuntu.com/5359-1/","reference_id":"USN-5359-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5359-1/"},{"reference_url":"https://usn.ubuntu.com/5359-2/","reference_id":"USN-5359-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5359-2/"},{"reference_url":"https://usn.ubuntu.com/5739-1/","reference_id":"USN-5739-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5739-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/","reference_id":"VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/","reference_id":"XOKFMSNQ5D5WGMALBNBXU3GE442V74WU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:25Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037850?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-xd6j-x83x-r3gn"},{"vulnerability":"VCID-ys8b-uuv1-pkfm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-1%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/994737?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2"}],"aliases":["CVE-2018-25032","GHSA-jc36-42cf-vqwj"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xd6j-x83x-r3gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89750?format=json","vulnerability_id":"VCID-y9kk-6zyw-6qfn","summary":"security flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0107.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0107","reference_id":"","reference_type":"","scores":[{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97039","published_at":"2026-04-01T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97046","published_at":"2026-04-02T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.9705","published_at":"2026-04-04T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97051","published_at":"2026-04-07T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97061","published_at":"2026-04-08T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97062","published_at":"2026-04-09T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97065","published_at":"2026-04-12T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97066","published_at":"2026-04-13T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97076","published_at":"2026-04-16T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.9708","published_at":"2026-04-18T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97084","published_at":"2026-04-21T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97085","published_at":"2026-04-24T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97087","published_at":"2026-04-26T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97088","published_at":"2026-04-29T12:55:00Z"},{"value":"0.35642","scoring_system":"epss","scoring_elements":"0.97091","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0107"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616967","reference_id":"1616967","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616967"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22273.c","reference_id":"CVE-2003-0107;OSVDB-6599","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22273.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22274.c","reference_id":"CVE-2003-0107;OSVDB-6599","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22274.c"},{"reference_url":"https://www.securityfocus.com/bid/6913/info","reference_id":"CVE-2003-0107;OSVDB-6599","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/6913/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:079","reference_id":"RHSA-2003:079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:081","reference_id":"RHSA-2003:081","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:081"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037842?format=json","purl":"pkg:deb/debian/zlib@1:1.2.2-4.sarge.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vu9-xzw9-kfe2"},{"vulnerability":"VCID-3aq8-fkrc-hqa2"},{"vulnerability":"VCID-eyjp-7kks-jbfr"},{"vulnerability":"VCID-m6xx-a91r-sbhu"},{"vulnerability":"VCID-mr6h-6jrp-gyf3"},{"vulnerability":"VCID-smft-ms93-6kf1"},{"vulnerability":"VCID-sn99-6y6w-ybc6"},{"vulnerability":"VCID-xd6j-x83x-r3gn"},{"vulnerability":"VCID-ys8b-uuv1-pkfm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.2-4.sarge.2"}],"aliases":["CVE-2003-0107"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y9kk-6zyw-6qfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51055?format=json","vulnerability_id":"VCID-ys8b-uuv1-pkfm","summary":"A buffer overflow in zlib might allow an attacker to cause remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37434.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37434","reference_id":"","reference_type":"","scores":[{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99745","published_at":"2026-05-05T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99743","published_at":"2026-04-26T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99744","published_at":"2026-04-29T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99736","published_at":"2026-04-02T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99737","published_at":"2026-04-04T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99738","published_at":"2026-04-13T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99739","published_at":"2026-04-16T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.9974","published_at":"2026-04-18T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99741","published_at":"2026-04-21T12:55:00Z"},{"value":"0.92544","scoring_system":"epss","scoring_elements":"0.99742","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37434"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/curl/curl/issues/9271","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/curl/curl/issues/9271"},{"reference_url":"https://github.com/ivd38/zlib_overflow","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ivd38/zlib_overflow"},{"reference_url":"https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/madler/zlib/blob/21767c654d31d2dccdde4330529775c6c5fd5389/zlib.h#L1062-L1063"},{"reference_url":"https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1"},{"reference_url":"https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/nodejs/node/blob/75b68c6e4db515f76df73af476eccf382bbcb00a/deps/zlib/inflate.c#L762-L764"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/05/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2022/08/05/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/09/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2022/08/09/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016710","reference_id":"1016710","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016710"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2116639","reference_id":"2116639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2116639"},{"reference_url":"https://security.archlinux.org/AVG-2821","reference_id":"AVG-2821","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2821"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37434","reference_id":"CVE-2022-37434","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7106","reference_id":"RHSA-2022:7106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7314","reference_id":"RHSA-2022:7314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7793","reference_id":"RHSA-2022:7793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8291","reference_id":"RHSA-2022:8291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1095","reference_id":"RHSA-2023:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0254","reference_id":"RHSA-2024:0254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0254"},{"reference_url":"https://usn.ubuntu.com/5570-1/","reference_id":"USN-5570-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5570-1/"},{"reference_url":"https://usn.ubuntu.com/5570-2/","reference_id":"USN-5570-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5570-2/"},{"reference_url":"https://usn.ubuntu.com/5573-1/","reference_id":"USN-5573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5573-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994737?format=json","purl":"pkg:deb/debian/zlib@1:1.2.11.dfsg-2%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ac5e-emja-v3fe"},{"vulnerability":"VCID-v6pc-48dg-4kad"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.2.11.dfsg-2%252Bdeb11u2"}],"aliases":["CVE-2022-37434"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ys8b-uuv1-pkfm"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/zlib@1:1.1.4-1.0woody0"}