Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1037999?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1037999?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.0%2B2018.08.28%2Bgit.8ca7c82b7d%2Bds1-12%2Bdeb10u2", "type": "deb", "namespace": "debian", "name": "openvswitch", "version": "2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12+deb10u2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "3.7.1-2", "latest_non_vulnerable_version": "3.7.1-2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77757?format=api", "vulnerability_id": "VCID-1rz7-uz9z-2kbr", "summary": "openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3966.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3966.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3966", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13375", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13733", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13609", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13524", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13521", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13595", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13605", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13576", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13468", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13793", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13593", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13674", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13725", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13694", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13658", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063492", "reference_id": "1063492", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063492" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363", "reference_id": "2178363", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-22T15:42:09Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11", "reference_id": "cpe:/a:redhat:openshift:3.11", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::fastdatapath", "reference_id": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::fastdatapath" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::fastdatapath", "reference_id": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::fastdatapath" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::fastdatapath", "reference_id": "cpe:/o:redhat:enterprise_linux:9::fastdatapath", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::fastdatapath" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-3966", "reference_id": "CVE-2023-3966", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-22T15:42:09Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-3966" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/", "reference_id": "LFZADABUDOFI2KZIRQBYFZCIKH55RGY3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-22T15:42:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1227", "reference_id": "RHSA-2024:1227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1227" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1234", "reference_id": "RHSA-2024:1234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1235", "reference_id": "RHSA-2024:1235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1235" }, { "reference_url": "https://usn.ubuntu.com/6690-1/", "reference_id": "USN-6690-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6690-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/", "reference_id": "VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-22T15:42:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2023-3966" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1rz7-uz9z-2kbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78066?format=api", "vulnerability_id": "VCID-5whw-rhdy-nkew", "summary": "openvswitch: openvswitch don't match packets on nd_target field", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5366.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5366.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5366", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05266", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05299", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05325", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05358", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05381", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0535", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05327", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05275", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05276", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05426", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05467", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05507", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05509", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0551", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006347", "reference_id": "2006347", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1227", "reference_id": "RHSA-2024:1227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1227" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1234", "reference_id": "RHSA-2024:1234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1235", "reference_id": "RHSA-2024:1235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1235" }, { "reference_url": "https://usn.ubuntu.com/6514-1/", "reference_id": "USN-6514-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6514-1/" }, { "reference_url": "https://usn.ubuntu.com/6690-1/", "reference_id": "USN-6690-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6690-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2023-5366" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5whw-rhdy-nkew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85491?format=api", "vulnerability_id": "VCID-719y-s4zw-ekdc", "summary": "lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8011.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8011.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8011", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88607", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88616", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88632", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88633", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88651", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88656", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88668", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04146", "scoring_system": "epss", "scoring_elements": "0.88661", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04199", "scoring_system": "epss", "scoring_elements": "0.88773", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.04199", "scoring_system": "epss", "scoring_elements": "0.88755", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04199", "scoring_system": "epss", "scoring_elements": "0.88762", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04223", "scoring_system": "epss", "scoring_elements": "0.88777", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04223", "scoring_system": "epss", "scoring_elements": "0.8878", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04223", "scoring_system": "epss", "scoring_elements": "0.88778", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27827", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27827" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896536", "reference_id": "1896536", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896536" }, { "reference_url": "https://security.archlinux.org/ASA-202101-28", "reference_id": "ASA-202101-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-28" }, { "reference_url": "https://security.archlinux.org/AVG-1456", "reference_id": "AVG-1456", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5611", "reference_id": "RHSA-2020:5611", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5611" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5615", "reference_id": "RHSA-2020:5615", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5615" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0028", "reference_id": "RHSA-2021:0028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0931", "reference_id": "RHSA-2021:0931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0988", "reference_id": "RHSA-2021:0988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0988" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2077", "reference_id": "RHSA-2021:2077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2205", "reference_id": "RHSA-2021:2205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2205" }, { "reference_url": "https://usn.ubuntu.com/4691-1/", "reference_id": "USN-4691-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4691-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038000?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.7%2Bds1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.7%252Bds1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2015-8011" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-719y-s4zw-ekdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95956?format=api", "vulnerability_id": "VCID-at6t-sgxg-j7gr", "summary": "openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.23868", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24029", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24018", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.23978", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24329", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24362", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24145", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24212", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24255", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24271", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24172", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24188", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24175", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24152", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22563" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22563", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22563" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/openvswitch/ovs-issues/issues/315", "reference_id": "315", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-02T14:11:03Z/" } ], "url": "https://github.com/openvswitch/ovs-issues/issues/315" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2024-22563" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-at6t-sgxg-j7gr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61171?format=api", "vulnerability_id": "VCID-buc7-dne2-yqaj", "summary": "Multiple denial of service vulnerabilites have been found in Open vSwitch.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4337.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4337.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4337", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61503", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61531", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61502", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.6155", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61564", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61585", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61572", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61552", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61594", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61599", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64704", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64694", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64714", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64727", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64724", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4338" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027273", "reference_id": "1027273", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027273" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155378", "reference_id": "2155378", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155378" }, { "reference_url": "https://security.gentoo.org/glsa/202311-16", "reference_id": "GLSA-202311-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202311-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0685", "reference_id": "RHSA-2023:0685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0687", "reference_id": "RHSA-2023:0687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0688", "reference_id": "RHSA-2023:0688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0689", "reference_id": "RHSA-2023:0689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0691", "reference_id": "RHSA-2023:0691", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0691" }, { "reference_url": "https://usn.ubuntu.com/5890-1/", "reference_id": "USN-5890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2022-4337" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-buc7-dne2-yqaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61172?format=api", "vulnerability_id": "VCID-d8d2-d81a-nkgk", "summary": "Multiple denial of service vulnerabilites have been found in Open vSwitch.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4338.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4338.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.6828", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.683", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68276", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68328", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68344", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.6837", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68357", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68324", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68363", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68377", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70622", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70587", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70637", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70647", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70646", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4338" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4338" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027273", "reference_id": "1027273", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027273" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155381", "reference_id": "2155381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155381" }, { "reference_url": "https://security.gentoo.org/glsa/202311-16", "reference_id": "GLSA-202311-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202311-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0685", "reference_id": "RHSA-2023:0685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0687", "reference_id": "RHSA-2023:0687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0688", "reference_id": "RHSA-2023:0688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0689", "reference_id": "RHSA-2023:0689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0691", "reference_id": "RHSA-2023:0691", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0691" }, { "reference_url": "https://usn.ubuntu.com/5890-1/", "reference_id": "USN-5890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2022-4338" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d8d2-d81a-nkgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61167?format=api", "vulnerability_id": "VCID-dz8t-nfj7-skgz", "summary": "Multiple denial of service vulnerabilites have been found in Open vSwitch.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27827.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27827.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27827", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61545", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61695", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61703", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61619", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.6172", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61714", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61673", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61693", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61704", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61682", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61649", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00415", "scoring_system": "epss", "scoring_elements": "0.61668", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00504", "scoring_system": "epss", "scoring_elements": "0.6622", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00504", "scoring_system": "epss", "scoring_elements": "0.6624", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00684", "scoring_system": "epss", "scoring_elements": "0.71731", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27827" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27827", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27827" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921438", "reference_id": "1921438", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T13:38:48Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921438" }, { "reference_url": "https://mail.openvswitch.org/pipermail/ovs-dev/2021-January/379471.html", "reference_id": "379471.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T13:38:48Z/" } ], "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2021-January/379471.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T5XHPOGIPWCRRPJUE6P3HVC5PTSD5JS/", "reference_id": "3T5XHPOGIPWCRRPJUE6P3HVC5PTSD5JS", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T13:38:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T5XHPOGIPWCRRPJUE6P3HVC5PTSD5JS/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980132", "reference_id": "980132", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980132" }, { "reference_url": "https://security.archlinux.org/ASA-202101-28", "reference_id": "ASA-202101-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-28" }, { "reference_url": "https://security.archlinux.org/ASA-202101-29", "reference_id": "ASA-202101-29", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-29" }, { "reference_url": "https://security.archlinux.org/AVG-1451", "reference_id": "AVG-1451", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1451" }, { "reference_url": "https://security.archlinux.org/AVG-1456", "reference_id": "AVG-1456", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1456" }, { "reference_url": "https://security.gentoo.org/glsa/202311-16", "reference_id": "GLSA-202311-16", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T13:38:48Z/" } ], "url": "https://security.gentoo.org/glsa/202311-16" }, { "reference_url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07", "reference_id": "icsa-21-194-07", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T13:38:48Z/" } ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-194-07" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYA4AMJXCNF6UPFG36L2TPPT32C242SP/", "reference_id": "JYA4AMJXCNF6UPFG36L2TPPT32C242SP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T13:38:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYA4AMJXCNF6UPFG36L2TPPT32C242SP/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0497", "reference_id": "RHSA-2021:0497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0834", "reference_id": "RHSA-2021:0834", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0835", "reference_id": "RHSA-2021:0835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0837", "reference_id": "RHSA-2021:0837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0976", "reference_id": "RHSA-2021:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1050", "reference_id": "RHSA-2021:1050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1051", "reference_id": "RHSA-2021:1051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2077", "reference_id": "RHSA-2021:2077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2456", "reference_id": "RHSA-2021:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9158", "reference_id": "RHSA-2024:9158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9158" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKQWHG2SZJZSGC7PXVDAEJYBN7ESDR7D/", "reference_id": "SKQWHG2SZJZSGC7PXVDAEJYBN7ESDR7D", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T13:38:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKQWHG2SZJZSGC7PXVDAEJYBN7ESDR7D/" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf", "reference_id": "ssa-941426.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T13:38:48Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf" }, { "reference_url": "https://usn.ubuntu.com/4691-1/", "reference_id": "USN-4691-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4691-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038000?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.7%2Bds1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.7%252Bds1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2020-27827" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dz8t-nfj7-skgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78997?format=api", "vulnerability_id": "VCID-g5qm-fjsg-z3eq", "summary": "openvswitch: Heap buffer over-read in flow.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32166.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32166.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32166", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70051", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70167", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70116", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70103", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70146", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70156", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70135", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70186", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70192", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70067", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70044", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70091", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.70107", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00622", "scoring_system": "epss", "scoring_elements": "0.7013", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32166" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130577", "reference_id": "2130577", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130577" }, { "reference_url": "https://github.com/cloudbase/ovs/commit/2ed6505555cdcb46f9b1f0329d1491b75290fc73", "reference_id": "2ed6505555cdcb46f9b1f0329d1491b75290fc73", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:13:38Z/" } ], "url": "https://github.com/cloudbase/ovs/commit/2ed6505555cdcb46f9b1f0329d1491b75290fc73" }, { "reference_url": "https://www.mend.io/vulnerability-database/CVE-2022-32166", "reference_id": "CVE-2022-32166", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:13:38Z/" } ], "url": "https://www.mend.io/vulnerability-database/CVE-2022-32166" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00036.html", "reference_id": "msg00036.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:13:38Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00036.html" }, { "reference_url": "https://usn.ubuntu.com/5698-1/", "reference_id": "USN-5698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5698-1/" }, { "reference_url": "https://usn.ubuntu.com/5698-2/", "reference_id": "USN-5698-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5698-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2022-32166" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g5qm-fjsg-z3eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61168?format=api", "vulnerability_id": "VCID-jj4q-qp7b-j3hu", "summary": "Multiple denial of service vulnerabilites have been found in Open vSwitch.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35498.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35498.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35498", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90428", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90504", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90432", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90445", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.9045", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90463", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90468", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90476", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90469", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90486", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90484", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90498", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90497", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.05765", "scoring_system": "epss", "scoring_elements": "0.90495", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35498" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908845", "reference_id": "1908845", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:22Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908845" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2021/02/10/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:22Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2021/02/10/4" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982493", "reference_id": "982493", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982493" }, { "reference_url": "https://security.archlinux.org/AVG-1564", "reference_id": "AVG-1564", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1564" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4852", "reference_id": "dsa-4852", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:22Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4852" }, { "reference_url": "https://security.gentoo.org/glsa/202311-16", "reference_id": "GLSA-202311-16", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:22Z/" } ], "url": "https://security.gentoo.org/glsa/202311-16" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html", "reference_id": "msg00032.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:22Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0497", "reference_id": "RHSA-2021:0497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0834", "reference_id": "RHSA-2021:0834", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0835", "reference_id": "RHSA-2021:0835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0837", "reference_id": "RHSA-2021:0837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1050", "reference_id": "RHSA-2021:1050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2077", "reference_id": "RHSA-2021:2077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2456", "reference_id": "RHSA-2021:2456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2456" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UJ4DXFJWMZ325ECZXPZOSK7BOEDJZHPR/", "reference_id": "UJ4DXFJWMZ325ECZXPZOSK7BOEDJZHPR", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:22Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UJ4DXFJWMZ325ECZXPZOSK7BOEDJZHPR/" }, { "reference_url": "https://usn.ubuntu.com/4729-1/", "reference_id": "USN-4729-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4729-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038000?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.7%2Bds1-0%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.7%252Bds1-0%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2020-35498" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jj4q-qp7b-j3hu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61170?format=api", "vulnerability_id": "VCID-nw3h-mswm-v7d2", "summary": "Multiple denial of service vulnerabilites have been found in Open vSwitch.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36980.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36980.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22829", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22577", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23042", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22834", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22907", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22959", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22978", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22941", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22884", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22898", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22891", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22853", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22689", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22683", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22681", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36980" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1984473", "reference_id": "1984473", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1984473" }, { "reference_url": "https://github.com/openvswitch/ovs/commit/38744b1bcb022c611712527f039722115300f58f", "reference_id": "38744b1bcb022c611712527f039722115300f58f", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:15Z/" } ], "url": "https://github.com/openvswitch/ovs/commit/38744b1bcb022c611712527f039722115300f58f" }, { "reference_url": "https://github.com/openvswitch/ovs/commit/65c61b0c23a0d474696d7b1cea522a5016a8aeb3", "reference_id": "65c61b0c23a0d474696d7b1cea522a5016a8aeb3", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:15Z/" } ], "url": "https://github.com/openvswitch/ovs/commit/65c61b0c23a0d474696d7b1cea522a5016a8aeb3" }, { "reference_url": "https://github.com/openvswitch/ovs/commit/6d67310f4d2524b466b98f05ebccc1add1e8cf35", "reference_id": "6d67310f4d2524b466b98f05ebccc1add1e8cf35", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:15Z/" } ], "url": "https://github.com/openvswitch/ovs/commit/6d67310f4d2524b466b98f05ebccc1add1e8cf35" }, { "reference_url": "https://github.com/openvswitch/ovs/commit/77cccc74deede443e8b9102299efc869a52b65b2", "reference_id": "77cccc74deede443e8b9102299efc869a52b65b2", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:15Z/" } ], "url": "https://github.com/openvswitch/ovs/commit/77cccc74deede443e8b9102299efc869a52b65b2" }, { "reference_url": "https://github.com/openvswitch/ovs/commit/8ce8dc34b5f73b30ce0c1869af9947013c3c6575", "reference_id": "8ce8dc34b5f73b30ce0c1869af9947013c3c6575", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:15Z/" } ], "url": "https://github.com/openvswitch/ovs/commit/8ce8dc34b5f73b30ce0c1869af9947013c3c6575" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991308", "reference_id": "991308", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991308" }, { "reference_url": "https://github.com/openvswitch/ovs/commit/9926637a80d0d243dbf9c49761046895e9d1a8e2", "reference_id": "9926637a80d0d243dbf9c49761046895e9d1a8e2", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:15Z/" } ], "url": "https://github.com/openvswitch/ovs/commit/9926637a80d0d243dbf9c49761046895e9d1a8e2" }, { "reference_url": "https://security.archlinux.org/ASA-202107-40", "reference_id": "ASA-202107-40", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-40" }, { "reference_url": "https://security.archlinux.org/AVG-2177", "reference_id": "AVG-2177", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2177" }, { "reference_url": "https://security.gentoo.org/glsa/202311-16", "reference_id": "GLSA-202311-16", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:15Z/" } ], "url": "https://security.gentoo.org/glsa/202311-16" }, { "reference_url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openvswitch/OSV-2020-2197.yaml", "reference_id": "OSV-2020-2197.yaml", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:22:15Z/" } ], "url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openvswitch/OSV-2020-2197.yaml" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3758", "reference_id": "RHSA-2021:3758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3942", "reference_id": "RHSA-2021:3942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3942" }, { "reference_url": "https://usn.ubuntu.com/5065-1/", "reference_id": "USN-5065-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5065-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2021-36980" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nw3h-mswm-v7d2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61173?format=api", "vulnerability_id": "VCID-sq5h-zx4v-67hm", "summary": "Multiple denial of service vulnerabilites have been found in Open vSwitch.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1668.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1668.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47745", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47753", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51732", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51783", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55106", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55118", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55098", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.5508", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55122", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55102", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55081", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55056", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55107", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1668" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034042", "reference_id": "1034042", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034042" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137666", "reference_id": "2137666", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137666" }, { "reference_url": "https://security.gentoo.org/glsa/202311-16", "reference_id": "GLSA-202311-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202311-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1765", "reference_id": "RHSA-2023:1765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1766", "reference_id": "RHSA-2023:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1769", "reference_id": "RHSA-2023:1769", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1770", "reference_id": "RHSA-2023:1770", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1823", "reference_id": "RHSA-2023:1823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1824", "reference_id": "RHSA-2023:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3491", "reference_id": "RHSA-2023:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3491" }, { "reference_url": "https://usn.ubuntu.com/6068-1/", "reference_id": "USN-6068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050990?format=api", "purl": "pkg:deb/debian/openvswitch@2.15.0%2Bds1-2%2Bdeb11u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y5t4-51s4-zqer" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.15.0%252Bds1-2%252Bdeb11u5" } ], "aliases": [ "CVE-2023-1668" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sq5h-zx4v-67hm" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83106?format=api", "vulnerability_id": "VCID-167g-xgrw-kubp", "summary": "openvswitch: Mishandle of group mods in lib/ofp-util.c:parse_group_prop_ntr_selection_method() allows for assertion failure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17204.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17204.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17204", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78236", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78275", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78257", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78283", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78289", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78315", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78297", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78293", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78322", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.7832", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78317", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78349", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78356", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78372", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01127", "scoring_system": "epss", "scoring_elements": "0.78385", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17204" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632522", "reference_id": "1632522", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3500", "reference_id": "RHSA-2018:3500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0053", "reference_id": "RHSA-2019:0053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0081", "reference_id": "RHSA-2019:0081", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0081" }, { "reference_url": "https://usn.ubuntu.com/3873-1/", "reference_id": "USN-3873-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3873-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037999?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.0%2B2018.08.28%2Bgit.8ca7c82b7d%2Bds1-12%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.0%252B2018.08.28%252Bgit.8ca7c82b7d%252Bds1-12%252Bdeb10u2" } ], "aliases": [ "CVE-2018-17204" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-167g-xgrw-kubp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84284?format=api", "vulnerability_id": "VCID-21ps-f19w-87hx", "summary": "openvswitch: Buffer over-read while parsing the group mod OpenFlow message", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9265.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9265.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9265", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01417", "scoring_system": "epss", "scoring_elements": "0.80511", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01417", "scoring_system": "epss", "scoring_elements": "0.80588", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01417", "scoring_system": "epss", "scoring_elements": "0.80518", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01417", "scoring_system": "epss", "scoring_elements": "0.8054", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01417", "scoring_system": "epss", "scoring_elements": "0.80532", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01417", "scoring_system": "epss", "scoring_elements": "0.80561", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01417", "scoring_system": "epss", "scoring_elements": "0.80571", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01417", "scoring_system": "epss", "scoring_elements": "0.80574", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01417", "scoring_system": "epss", "scoring_elements": "0.80566", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01532", "scoring_system": "epss", "scoring_elements": "0.81393", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01532", "scoring_system": "epss", "scoring_elements": "0.81388", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01532", "scoring_system": "epss", "scoring_elements": "0.81381", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01532", "scoring_system": "epss", "scoring_elements": "0.81409", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01843", "scoring_system": "epss", "scoring_elements": "0.83002", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01843", "scoring_system": "epss", "scoring_elements": "0.83003", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01843", "scoring_system": "epss", "scoring_elements": "0.83006", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9265" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9265", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9265" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457335", "reference_id": "1457335", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457335" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863662", "reference_id": "863662", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2418", "reference_id": "RHSA-2017:2418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2553", "reference_id": "RHSA-2017:2553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2648", "reference_id": "RHSA-2017:2648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2665", "reference_id": "RHSA-2017:2665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2692", "reference_id": "RHSA-2017:2692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2698", "reference_id": "RHSA-2017:2698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2727", "reference_id": "RHSA-2017:2727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2727" }, { "reference_url": "https://usn.ubuntu.com/3450-1/", "reference_id": "USN-3450-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3450-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037999?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.0%2B2018.08.28%2Bgit.8ca7c82b7d%2Bds1-12%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.0%252B2018.08.28%252Bgit.8ca7c82b7d%252Bds1-12%252Bdeb10u2" } ], "aliases": [ "CVE-2017-9265" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-21ps-f19w-87hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83108?format=api", "vulnerability_id": "VCID-2zq9-f9yb-v3gw", "summary": "openvswitch: Buffer over-read in lib/ofp-actions.c:decode_bundle()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17206.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17206.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83903", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83918", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83934", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83937", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83961", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83967", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83983", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83976", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83972", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83996", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83997", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.83999", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.84025", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.84032", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.84036", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02077", "scoring_system": "epss", "scoring_elements": "0.84056", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17206" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632528", "reference_id": "1632528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3500", "reference_id": "RHSA-2018:3500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0053", "reference_id": "RHSA-2019:0053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0081", "reference_id": "RHSA-2019:0081", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0081" }, { "reference_url": "https://usn.ubuntu.com/3873-1/", "reference_id": "USN-3873-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3873-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037999?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.0%2B2018.08.28%2Bgit.8ca7c82b7d%2Bds1-12%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.0%252B2018.08.28%252Bgit.8ca7c82b7d%252Bds1-12%252Bdeb10u2" } ], "aliases": [ "CVE-2018-17206" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2zq9-f9yb-v3gw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84348?format=api", "vulnerability_id": "VCID-4rhb-vhvc-v3cx", "summary": "openvswitch: Integer underflow in the ofputil_pull_queue_get_config_reply10 function", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9214.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9214.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.8735", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87451", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87431", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87437", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87359", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87375", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87374", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87393", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87399", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87412", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87406", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87402", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87417", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.8742", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0339", "scoring_system": "epss", "scoring_elements": "0.87415", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9214" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1456795", "reference_id": "1456795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1456795" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863228", "reference_id": "863228", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2418", "reference_id": "RHSA-2017:2418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2553", "reference_id": "RHSA-2017:2553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2648", "reference_id": "RHSA-2017:2648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2665", "reference_id": "RHSA-2017:2665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2692", "reference_id": "RHSA-2017:2692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2698", "reference_id": "RHSA-2017:2698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2727", "reference_id": "RHSA-2017:2727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2727" }, { "reference_url": "https://usn.ubuntu.com/3450-1/", "reference_id": "USN-3450-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3450-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037999?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.0%2B2018.08.28%2Bgit.8ca7c82b7d%2Bds1-12%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.0%252B2018.08.28%252Bgit.8ca7c82b7d%252Bds1-12%252Bdeb10u2" } ], "aliases": [ "CVE-2017-9214" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rhb-vhvc-v3cx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83107?format=api", "vulnerability_id": "VCID-6gap-zvsn-fqg7", "summary": "openvswitch: Error during bundle commit in ofproto/ofproto.c:ofproto_rule_insert__() allows for crash", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17205.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17205.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17205", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73487", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73495", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73518", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73489", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73526", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.7354", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73563", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73546", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73538", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73581", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73591", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73584", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73617", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73626", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73625", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00771", "scoring_system": "epss", "scoring_elements": "0.73618", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17205" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632525", "reference_id": "1632525", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632525" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3500", "reference_id": "RHSA-2018:3500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0053", "reference_id": "RHSA-2019:0053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0081", "reference_id": "RHSA-2019:0081", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:0081" }, { "reference_url": "https://usn.ubuntu.com/3873-1/", "reference_id": "USN-3873-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3873-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037999?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.0%2B2018.08.28%2Bgit.8ca7c82b7d%2Bds1-12%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.0%252B2018.08.28%252Bgit.8ca7c82b7d%252Bds1-12%252Bdeb10u2" } ], "aliases": [ "CVE-2018-17205" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6gap-zvsn-fqg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84283?format=api", "vulnerability_id": "VCID-qrfh-87d5-ybh6", "summary": "openvswitch: Invalid processing of a malicious OpenFlow role status message", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9263.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9263.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31354", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33865", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34394", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34381", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.3434", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33968", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33948", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48092", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48103", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48037", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48075", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48096", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48046", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48099", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48093", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9263" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9263" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457327", "reference_id": "1457327", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457327" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863655", "reference_id": "863655", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2418", "reference_id": "RHSA-2017:2418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2553", "reference_id": "RHSA-2017:2553", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2648", "reference_id": "RHSA-2017:2648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2665", "reference_id": "RHSA-2017:2665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2692", "reference_id": "RHSA-2017:2692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2698", "reference_id": "RHSA-2017:2698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2727", "reference_id": "RHSA-2017:2727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2727" }, { "reference_url": "https://usn.ubuntu.com/3450-1/", "reference_id": "USN-3450-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3450-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037999?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.0%2B2018.08.28%2Bgit.8ca7c82b7d%2Bds1-12%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.0%252B2018.08.28%252Bgit.8ca7c82b7d%252Bds1-12%252Bdeb10u2" } ], "aliases": [ "CVE-2017-9263" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qrfh-87d5-ybh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83947?format=api", "vulnerability_id": "VCID-s6b4-xqmn-w3dc", "summary": "openvswitch: Multiple memory leaks in lib/ofp-util.c while parsing malformed OpenFlow group mod messages", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14970.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14970.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66399", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66526", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66511", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66536", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66551", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66552", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66438", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66464", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66435", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66484", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66497", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66505", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66474", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66509", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66527", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14970" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339085.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339085.html" }, { "reference_url": "https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339086.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339086.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1497966", "reference_id": "1497966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1497966" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877543", "reference_id": "877543", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877543" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14970", "reference_id": "CVE-2017-14970", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14970" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037999?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.0%2B2018.08.28%2Bgit.8ca7c82b7d%2Bds1-12%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.0%252B2018.08.28%252Bgit.8ca7c82b7d%252Bds1-12%252Bdeb10u2" } ], "aliases": [ "CVE-2017-14970" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s6b4-xqmn-w3dc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84539?format=api", "vulnerability_id": "VCID-xcxc-et9w-uqhd", "summary": "openvswitch: Buffer over-read while parsing malformed TCP, UDP and IPv6 packets", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9264.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9264.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.7376", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.7377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73793", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73764", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73799", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73812", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73834", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73807", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.7385", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73858", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73849", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73884", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73893", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00786", "scoring_system": "epss", "scoring_elements": "0.73888", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9264" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457329", "reference_id": "1457329", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457329" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863661", "reference_id": "863661", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2418", "reference_id": "RHSA-2017:2418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2648", "reference_id": "RHSA-2017:2648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2727", "reference_id": "RHSA-2017:2727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2727" }, { "reference_url": "https://usn.ubuntu.com/3450-1/", "reference_id": "USN-3450-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3450-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037999?format=api", "purl": "pkg:deb/debian/openvswitch@2.10.0%2B2018.08.28%2Bgit.8ca7c82b7d%2Bds1-12%2Bdeb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rz7-uz9z-2kbr" }, { "vulnerability": "VCID-5whw-rhdy-nkew" }, { "vulnerability": "VCID-719y-s4zw-ekdc" }, { "vulnerability": "VCID-at6t-sgxg-j7gr" }, { "vulnerability": "VCID-buc7-dne2-yqaj" }, { "vulnerability": "VCID-d8d2-d81a-nkgk" }, { "vulnerability": "VCID-dz8t-nfj7-skgz" }, { "vulnerability": "VCID-g5qm-fjsg-z3eq" }, { "vulnerability": "VCID-jj4q-qp7b-j3hu" }, { "vulnerability": "VCID-nw3h-mswm-v7d2" }, { "vulnerability": "VCID-sq5h-zx4v-67hm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.0%252B2018.08.28%252Bgit.8ca7c82b7d%252Bds1-12%252Bdeb10u2" } ], "aliases": [ "CVE-2017-9264" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xcxc-et9w-uqhd" } ], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvswitch@2.10.0%252B2018.08.28%252Bgit.8ca7c82b7d%252Bds1-12%252Bdeb10u2" }