{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","type":"deb","namespace":"debian","name":"python2.7","version":"2.7.18-8+deb11u1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82500?format=json","vulnerability_id":"VCID-1taa-a9e4-tbc5","summary":"python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10160.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10160.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10160","reference_id":"","reference_type":"","scores":[{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79716","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79723","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79745","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.7973","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79759","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79788","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79766","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01472","scoring_system":"epss","scoring_elements":"0.81073","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01472","scoring_system":"epss","scoring_elements":"0.81029","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01472","scoring_system":"epss","scoring_elements":"0.81051","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01763","scoring_system":"epss","scoring_elements":"0.82614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01763","scoring_system":"epss","scoring_elements":"0.82653","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01763","scoring_system":"epss","scoring_elements":"0.82656","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01763","scoring_system":"epss","scoring_elements":"0.82678","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01763","scoring_system":"epss","scoring_elements":"0.82688","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01763","scoring_system":"epss","scoring_elements":"0.82694","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01763","scoring_system":"epss","scoring_elements":"0.82652","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01763","scoring_system":"epss","scoring_elements":"0.82619","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10160"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1718388","reference_id":"1718388","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1718388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1587","reference_id":"RHSA-2019:1587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1700","reference_id":"RHSA-2019:1700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2437","reference_id":"RHSA-2019:2437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2437"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-10160"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1taa-a9e4-tbc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78162?format=json","vulnerability_id":"VCID-2czu-wy37-qugf","summary":"python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48566.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48566","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25405","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25276","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25344","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26875","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2714","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26811","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27176","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26968","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27036","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27081","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27085","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2704","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26984","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26992","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26967","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26931","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26883","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48566"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238753","reference_id":"2238753","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238753"},{"reference_url":"https://bugs.python.org/issue40791","reference_id":"issue40791","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/"}],"url":"https://bugs.python.org/issue40791"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231006-0013/","reference_id":"ntap-20231006-0013","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231006-0013/"},{"reference_url":"https://usn.ubuntu.com/6400-1/","reference_id":"USN-6400-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6400-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2022-48566"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2czu-wy37-qugf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42640?format=json","vulnerability_id":"VCID-2shb-2cvn-dyd2","summary":"Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24329.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24329.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24329","reference_id":"","reference_type":"","scores":[{"value":"0.01081","scoring_system":"epss","scoring_elements":"0.77879","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01081","scoring_system":"epss","scoring_elements":"0.77911","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.80808","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.80881","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.8086","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.80838","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.80822","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.8078","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.80778","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.80742","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01445","scoring_system":"epss","scoring_elements":"0.8075","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.81627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.816","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.81653","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.81581","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.81633","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0159","scoring_system":"epss","scoring_elements":"0.81602","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/issues/102153","reference_id":"102153","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://github.com/python/cpython/issues/102153"},{"reference_url":"https://www.kb.cert.org/vuls/id/127587","reference_id":"127587","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://www.kb.cert.org/vuls/id/127587"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2173917","reference_id":"2173917","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2173917"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/","reference_id":"6PEVICI7YNGGMSL3UCMWGE66QFLATH72","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/"},{"reference_url":"https://github.com/python/cpython/pull/99421","reference_id":"99421","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://github.com/python/cpython/pull/99421"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/","reference_id":"DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/","reference_id":"EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/","reference_id":"F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/"},{"reference_url":"https://security.gentoo.org/glsa/202405-01","reference_id":"GLSA-202405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-01"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/","reference_id":"GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/","reference_id":"H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/","reference_id":"JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/","reference_id":"LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/","reference_id":"MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230324-0004/","reference_id":"ntap-20230324-0004","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230324-0004/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/","reference_id":"O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/","reference_id":"OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/","reference_id":"PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/","reference_id":"PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/"},{"reference_url":"https://pointernull.com/security/python-url-parse-problem.html","reference_id":"python-url-parse-problem.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://pointernull.com/security/python-url-parse-problem.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/","reference_id":"Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/","reference_id":"QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/","reference_id":"RA2MBEEES6L46OD64OBSVUUMGKNGMOWW","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3550","reference_id":"RHSA-2023:3550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3555","reference_id":"RHSA-2023:3555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3555"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3556","reference_id":"RHSA-2023:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3585","reference_id":"RHSA-2023:3585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3591","reference_id":"RHSA-2023:3591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3594","reference_id":"RHSA-2023:3594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3595","reference_id":"RHSA-2023:3595","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3776","reference_id":"RHSA-2023:3776","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3776"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3777","reference_id":"RHSA-2023:3777","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3777"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3780","reference_id":"RHSA-2023:3780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3781","reference_id":"RHSA-2023:3781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3796","reference_id":"RHSA-2023:3796","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3810","reference_id":"RHSA-2023:3810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3811","reference_id":"RHSA-2023:3811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3931","reference_id":"RHSA-2023:3931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3932","reference_id":"RHSA-2023:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3934","reference_id":"RHSA-2023:3934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3935","reference_id":"RHSA-2023:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3936","reference_id":"RHSA-2023:3936","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4004","reference_id":"RHSA-2023:4004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4008","reference_id":"RHSA-2023:4008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4032","reference_id":"RHSA-2023:4032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4038","reference_id":"RHSA-2023:4038","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4203","reference_id":"RHSA-2023:4203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4282","reference_id":"RHSA-2023:4282","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6793","reference_id":"RHSA-2023:6793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6793"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/","reference_id":"T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/","reference_id":"TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/","reference_id":"U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/","reference_id":"UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/"},{"reference_url":"https://usn.ubuntu.com/5888-1/","reference_id":"USN-5888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5888-1/"},{"reference_url":"https://usn.ubuntu.com/5960-1/","reference_id":"USN-5960-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5960-1/"},{"reference_url":"https://usn.ubuntu.com/6139-1/","reference_id":"USN-6139-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6139-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/","reference_id":"WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2023-24329"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2shb-2cvn-dyd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78163?format=json","vulnerability_id":"VCID-4q79-666d-rygx","summary":"python: XML External Entity in XML processing plistlib module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48565.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48565.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48565","reference_id":"","reference_type":"","scores":[{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91625","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.9171","published_at":"2026-05-09T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91681","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91673","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91674","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.9168","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91678","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91676","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91688","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.917","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91631","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91639","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91651","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91657","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91661","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.91663","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07274","scoring_system":"epss","scoring_elements":"0.9166","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240059","reference_id":"2240059","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240059"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/","reference_id":"AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/","reference_id":"BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/"},{"reference_url":"https://bugs.python.org/issue42051","reference_id":"issue42051","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://bugs.python.org/issue42051"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/","reference_id":"KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231006-0007/","reference_id":"ntap-20231006-0007","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231006-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2987","reference_id":"RHSA-2024:2987","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2987"},{"reference_url":"https://usn.ubuntu.com/6354-1/","reference_id":"USN-6354-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6354-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2022-48565"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4q79-666d-rygx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42641?format=json","vulnerability_id":"VCID-4z89-3tfk-pyge","summary":"Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40217.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40217","reference_id":"","reference_type":"","scores":[{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.6906","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68938","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68909","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.6895","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.6896","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.6894","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68991","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68997","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.69003","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68983","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.69026","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68929","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00581","scoring_system":"epss","scoring_elements":"0.68952","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00597","scoring_system":"epss","scoring_elements":"0.69341","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00597","scoring_system":"epss","scoring_elements":"0.69324","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00597","scoring_system":"epss","scoring_elements":"0.69371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00597","scoring_system":"epss","scoring_elements":"0.69321","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235789","reference_id":"2235789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235789"},{"reference_url":"https://security.gentoo.org/glsa/202405-01","reference_id":"GLSA-202405-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231006-0014/","reference_id":"ntap-20231006-0014","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231006-0014/"},{"reference_url":"https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/","reference_id":"PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/"}],"url":"https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5456","reference_id":"RHSA-2023:5456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5462","reference_id":"RHSA-2023:5462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5463","reference_id":"RHSA-2023:5463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5472","reference_id":"RHSA-2023:5472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5528","reference_id":"RHSA-2023:5528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5531","reference_id":"RHSA-2023:5531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5990","reference_id":"RHSA-2023:5990","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5990"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5991","reference_id":"RHSA-2023:5991","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5991"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5992","reference_id":"RHSA-2023:5992","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5992"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5993","reference_id":"RHSA-2023:5993","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5993"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5994","reference_id":"RHSA-2023:5994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5995","reference_id":"RHSA-2023:5995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5996","reference_id":"RHSA-2023:5996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5997","reference_id":"RHSA-2023:5997","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5997"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5998","reference_id":"RHSA-2023:5998","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5998"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6068","reference_id":"RHSA-2023:6068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6069","reference_id":"RHSA-2023:6069","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6069"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6290","reference_id":"RHSA-2023:6290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6793","reference_id":"RHSA-2023:6793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6823","reference_id":"RHSA-2023:6823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6885","reference_id":"RHSA-2023:6885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6885"},{"reference_url":"https://www.python.org/dev/security/","reference_id":"security","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/"}],"url":"https://www.python.org/dev/security/"},{"reference_url":"https://usn.ubuntu.com/6513-1/","reference_id":"USN-6513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6513-1/"},{"reference_url":"https://usn.ubuntu.com/6513-2/","reference_id":"USN-6513-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6513-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2023-40217"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4z89-3tfk-pyge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82434?format=json","vulnerability_id":"VCID-57c6-hx7f-efc6","summary":"python: CRLF injection via the host part of the url passed to urlopen()","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18348.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18348.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18348","reference_id":"","reference_type":"","scores":[{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85746","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85927","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.8587","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85888","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.8591","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85758","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85777","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85783","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85802","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85813","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85827","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85824","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.8582","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85839","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85844","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85838","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.8586","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02672","scoring_system":"epss","scoring_elements":"0.85869","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18348"},{"reference_url":"https://bugs.python.org/issue30458#msg347282","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue30458#msg347282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18348"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191107-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191107-0004/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727276","reference_id":"1727276","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727276"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18348","reference_id":"CVE-2019-18348","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4273","reference_id":"RHSA-2020:4273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4285","reference_id":"RHSA-2020:4285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4285"},{"reference_url":"https://usn.ubuntu.com/4333-1/","reference_id":"USN-4333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4333-1/"},{"reference_url":"https://usn.ubuntu.com/4333-2/","reference_id":"USN-4333-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4333-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-18348"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-57c6-hx7f-efc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59776?format=json","vulnerability_id":"VCID-9mcr-rmtb-mufj","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html"},{"reference_url":"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1260","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3335","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3335"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9740.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9740.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9740","reference_id":"","reference_type":"","scores":[{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.92982","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93063","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93035","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93031","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93052","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.9299","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.92994","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.92993","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93001","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93006","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.9301","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93009","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.9302","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93022","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0991","scoring_system":"epss","scoring_elements":"0.93029","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9740"},{"reference_url":"https://bugs.python.org/issue36276","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue36276"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/"},{"reference_url":"https://seclists.org/bugtraq/2019/Oct/29","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Oct/29"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190619-0005/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190619-0005/"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/02/04/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2021/02/04/2"},{"reference_url":"http://www.securityfocus.com/bid/107466","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107466"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688169","reference_id":"1688169","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688169"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9740","reference_id":"CVE-2019-9740","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9740"},{"reference_url":"https://security.gentoo.org/glsa/202003-26","reference_id":"GLSA-202003-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2030","reference_id":"RHSA-2019:2030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3520","reference_id":"RHSA-2019:3520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1268","reference_id":"RHSA-2020:1268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1346","reference_id":"RHSA-2020:1346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1462","reference_id":"RHSA-2020:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1462"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-9740"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mcr-rmtb-mufj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50260?format=json","vulnerability_id":"VCID-dkxn-j9dr-sqbp","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3177.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3177.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3177","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21735","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21653","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21585","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2193","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21882","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21875","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21873","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21971","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2168","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21827","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21902","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21958","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21688","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21696","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21842","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22421","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22631","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22589","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1918168","reference_id":"1918168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1918168"},{"reference_url":"https://github.com/python/cpython/pull/24239","reference_id":"24239","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://github.com/python/cpython/pull/24239"},{"reference_url":"https://security.archlinux.org/ASA-202102-37","reference_id":"ASA-202102-37","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-37"},{"reference_url":"https://security.archlinux.org/AVG-1465","reference_id":"AVG-1465","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1465"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/","reference_id":"BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/","reference_id":"CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/"},{"reference_url":"https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html","reference_id":"ctypes-buffer-overflow-pycarg_repr.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/","reference_id":"FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/","reference_id":"FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/"},{"reference_url":"https://security.gentoo.org/glsa/202101-18","reference_id":"GLSA-202101-18","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://security.gentoo.org/glsa/202101-18"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/","reference_id":"HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/"},{"reference_url":"https://bugs.python.org/issue42938","reference_id":"issue42938","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://bugs.python.org/issue42938"},{"reference_url":"https://news.ycombinator.com/item?id=26185005","reference_id":"item?id=26185005","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://news.ycombinator.com/item?id=26185005"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/","reference_id":"MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/","reference_id":"MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html","reference_id":"msg00013.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html","reference_id":"msg00024.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/","reference_id":"NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/","reference_id":"NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210226-0003/","reference_id":"ntap-20210226-0003","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210226-0003/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/","reference_id":"NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1633","reference_id":"RHSA-2021:1633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1761","reference_id":"RHSA-2021:1761","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1761"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1879","reference_id":"RHSA-2021:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3252","reference_id":"RHSA-2021:3252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5235","reference_id":"RHSA-2022:5235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5235"},{"reference_url":"https://usn.ubuntu.com/4754-1/","reference_id":"USN-4754-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-1/"},{"reference_url":"https://usn.ubuntu.com/4754-3/","reference_id":"USN-4754-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-3/"},{"reference_url":"https://usn.ubuntu.com/4754-4/","reference_id":"USN-4754-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-4/"},{"reference_url":"https://usn.ubuntu.com/4754-5/","reference_id":"USN-4754-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-5/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/","reference_id":"V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/","reference_id":"Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/","reference_id":"YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/","reference_id":"Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2021-3177"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dkxn-j9dr-sqbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78165?format=json","vulnerability_id":"VCID-dv5v-71b5-budp","summary":"python: use after free in heappushpop() of heapq module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48560.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48560.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48560","reference_id":"","reference_type":"","scores":[{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42375","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42344","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42393","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.424","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42423","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42358","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42407","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42382","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42311","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42243","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42239","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42156","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42012","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42087","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42103","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249755","reference_id":"2249755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0114","reference_id":"RHSA-2024:0114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0430","reference_id":"RHSA-2024:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0586","reference_id":"RHSA-2024:0586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2987","reference_id":"RHSA-2024:2987","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2987"},{"reference_url":"https://usn.ubuntu.com/6394-1/","reference_id":"USN-6394-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6394-1/"},{"reference_url":"https://usn.ubuntu.com/6394-2/","reference_id":"USN-6394-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6394-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/7180-1/","reference_id":"USN-7180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2022-48560"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dv5v-71b5-budp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62534?format=json","vulnerability_id":"VCID-gkfp-ga1r-jkag","summary":"A vulnerability in Python could lead to a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8492.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8492.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8492","reference_id":"","reference_type":"","scores":[{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87713","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87664","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87663","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87679","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87695","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87598","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87617","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87624","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87635","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.8763","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87628","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87642","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87643","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.8764","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03512","scoring_system":"epss","scoring_elements":"0.87658","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0363","scoring_system":"epss","scoring_elements":"0.87785","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0363","scoring_system":"epss","scoring_elements":"0.87796","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0363","scoring_system":"epss","scoring_elements":"0.87774","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1809065","reference_id":"1809065","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1809065"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099","reference_id":"970099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099"},{"reference_url":"https://security.gentoo.org/glsa/202005-09","reference_id":"GLSA-202005-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202005-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3888","reference_id":"RHSA-2020:3888","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3888"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4285","reference_id":"RHSA-2020:4285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4433","reference_id":"RHSA-2020:4433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4641","reference_id":"RHSA-2020:4641","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4641"},{"reference_url":"https://usn.ubuntu.com/4333-1/","reference_id":"USN-4333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4333-1/"},{"reference_url":"https://usn.ubuntu.com/4333-2/","reference_id":"USN-4333-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4333-2/"},{"reference_url":"https://usn.ubuntu.com/4754-3/","reference_id":"USN-4754-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-3/"},{"reference_url":"https://usn.ubuntu.com/5200-1/","reference_id":"USN-5200-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5200-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2020-8492"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gkfp-ga1r-jkag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83267?format=json","vulnerability_id":"VCID-ppqx-qup8-sqbz","summary":"python: email.utils.parseaddr wrongly parses email addresses","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16056.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16056.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16056","reference_id":"","reference_type":"","scores":[{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75591","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75674","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75649","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75594","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75624","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75638","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00899","scoring_system":"epss","scoring_elements":"0.75604","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75999","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75945","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.75975","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01217","scoring_system":"epss","scoring_elements":"0.79042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01217","scoring_system":"epss","scoring_elements":"0.79032","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01217","scoring_system":"epss","scoring_elements":"0.7906","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01217","scoring_system":"epss","scoring_elements":"0.79057","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01217","scoring_system":"epss","scoring_elements":"0.79055","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01217","scoring_system":"epss","scoring_elements":"0.79088","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01217","scoring_system":"epss","scoring_elements":"0.79094","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01217","scoring_system":"epss","scoring_elements":"0.7911","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16056"},{"reference_url":"https://bugs.python.org/issue34155","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue34155"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9"},{"reference_url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190926-0005/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190926-0005/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1749839","reference_id":"1749839","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1749839"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940901","reference_id":"940901","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940901"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16056","reference_id":"CVE-2019-16056","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3948","reference_id":"RHSA-2019:3948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1131","reference_id":"RHSA-2020:1131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1132","reference_id":"RHSA-2020:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1605","reference_id":"RHSA-2020:1605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1764","reference_id":"RHSA-2020:1764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2520","reference_id":"RHSA-2020:2520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2520"},{"reference_url":"https://usn.ubuntu.com/4151-1/","reference_id":"USN-4151-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4151-1/"},{"reference_url":"https://usn.ubuntu.com/4151-2/","reference_id":"USN-4151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4151-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-16056"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ppqx-qup8-sqbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50772?format=json","vulnerability_id":"VCID-tyk4-kazt-kydj","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20907.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20907.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20907","reference_id":"","reference_type":"","scores":[{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55257","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55355","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.5538","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55358","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55408","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55419","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55397","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55379","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55414","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55418","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55336","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55357","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55329","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55279","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55322","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55378","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1856481","reference_id":"1856481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1856481"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099","reference_id":"970099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099"},{"reference_url":"https://security.gentoo.org/glsa/202008-01","reference_id":"GLSA-202008-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4273","reference_id":"RHSA-2020:4273","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4285","reference_id":"RHSA-2020:4285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4299","reference_id":"RHSA-2020:4299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4433","reference_id":"RHSA-2020:4433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4641","reference_id":"RHSA-2020:4641","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4641"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4654","reference_id":"RHSA-2020:4654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5009","reference_id":"RHSA-2020:5009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5010","reference_id":"RHSA-2020:5010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0528","reference_id":"RHSA-2021:0528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0761","reference_id":"RHSA-2021:0761","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0761"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0881","reference_id":"RHSA-2021:0881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0949","reference_id":"RHSA-2021:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0949"},{"reference_url":"https://usn.ubuntu.com/4428-1/","reference_id":"USN-4428-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4428-1/"},{"reference_url":"https://usn.ubuntu.com/4754-3/","reference_id":"USN-4754-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4754-3/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-20907"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tyk4-kazt-kydj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82060?format=json","vulnerability_id":"VCID-v84j-ugn9-w3c8","summary":"python: XSS vulnerability in the documentation XML-RPC server in server_title field","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16935","reference_id":"","reference_type":"","scores":[{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84528","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84614","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84605","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84625","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84627","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84654","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84663","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84666","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84542","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84564","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84567","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84589","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84595","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02256","scoring_system":"epss","scoring_elements":"0.84609","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02924","scoring_system":"epss","scoring_elements":"0.86486","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02924","scoring_system":"epss","scoring_elements":"0.86506","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02924","scoring_system":"epss","scoring_elements":"0.86467","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16935"},{"reference_url":"https://bugs.python.org/issue38243","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue38243"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897"},{"reference_url":"https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213"},{"reference_url":"https://github.com/python/cpython/pull/16373","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/python/cpython/pull/16373"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191017-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191017-0004/"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149","reference_id":"1027149","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1763229","reference_id":"1763229","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1763229"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16935","reference_id":"CVE-2019-16935","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1605","reference_id":"RHSA-2020:1605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3888","reference_id":"RHSA-2020:3888","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3888"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3911","reference_id":"RHSA-2020:3911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4285","reference_id":"RHSA-2020:4285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4433","reference_id":"RHSA-2020:4433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0949","reference_id":"RHSA-2021:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0949"},{"reference_url":"https://usn.ubuntu.com/4151-1/","reference_id":"USN-4151-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4151-1/"},{"reference_url":"https://usn.ubuntu.com/4151-2/","reference_id":"USN-4151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4151-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-16935"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v84j-ugn9-w3c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38909?format=json","vulnerability_id":"VCID-vpwj-d49q-1uh8","summary":"Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0391","reference_id":"","reference_type":"","scores":[{"value":"0.01214","scoring_system":"epss","scoring_elements":"0.7912","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01214","scoring_system":"epss","scoring_elements":"0.79137","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01214","scoring_system":"epss","scoring_elements":"0.79099","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79882","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79807","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79815","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79823","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79852","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.7986","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79865","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79941","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79924","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79918","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79889","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79886","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79885","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79857","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01317","scoring_system":"epss","scoring_elements":"0.79835","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2047376","reference_id":"2047376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2047376"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/","reference_id":"CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/"},{"reference_url":"https://bugs.python.org/issue43882","reference_id":"issue43882","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://bugs.python.org/issue43882"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220225-0009/","reference_id":"ntap-20220225-0009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220225-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1663","reference_id":"RHSA-2022:1663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1764","reference_id":"RHSA-2022:1764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1821","reference_id":"RHSA-2022:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6457","reference_id":"RHSA-2022:6457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6457"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/","reference_id":"UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/"},{"reference_url":"https://usn.ubuntu.com/5342-1/","reference_id":"USN-5342-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5342-1/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5342-2/","reference_id":"USN-USN-5342-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5342-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2022-0391"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpwj-d49q-1uh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36442?format=json","vulnerability_id":"VCID-w6k8-js68-87g4","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which might allow attackers to access sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-23336","reference_id":"","reference_type":"","scores":[{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53385","published_at":"2026-04-18T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53379","published_at":"2026-04-16T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53358","published_at":"2026-04-12T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53374","published_at":"2026-04-11T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53323","published_at":"2026-04-09T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53322","published_at":"2026-05-07T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53276","published_at":"2026-04-07T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53329","published_at":"2026-04-08T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53273","published_at":"2026-05-05T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53375","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54301","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54251","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54271","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54311","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54336","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54321","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00311","scoring_system":"epss","scoring_elements":"0.54358","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-23336"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928904","reference_id":"1928904","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928904"},{"reference_url":"https://github.com/python/cpython/pull/24297","reference_id":"24297","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://github.com/python/cpython/pull/24297"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/","reference_id":"3EPYWWFDV22CJ5AOH5VCE72DOASZZ255","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/","reference_id":"3YKKDLXL3UEZ3J426C2XTBS63AHE46SM","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/02/19/4","reference_id":"4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/02/19/4"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/","reference_id":"46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090","reference_id":"983090","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090"},{"reference_url":"https://security.archlinux.org/ASA-202102-28","reference_id":"ASA-202102-28","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-28"},{"reference_url":"https://security.archlinux.org/ASA-202102-37","reference_id":"ASA-202102-37","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-37"},{"reference_url":"https://security.archlinux.org/AVG-1465","reference_id":"AVG-1465","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1465"},{"reference_url":"https://security.archlinux.org/AVG-1593","reference_id":"AVG-1593","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1593"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23336","reference_id":"CVE-2021-23336","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23336"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/","reference_id":"FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/"},{"reference_url":"https://security.gentoo.org/glsa/202104-04","reference_id":"GLSA-202104-04","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://security.gentoo.org/glsa/202104-04"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/","reference_id":"HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/","reference_id":"HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/","reference_id":"IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/","reference_id":"KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/","reference_id":"LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/","reference_id":"MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/","reference_id":"MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html","reference_id":"msg00030.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/","reference_id":"N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/","reference_id":"NJSCSN722JO2E2AGPWD4NTGVELVRPB4R","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/","reference_id":"NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210326-0004/","reference_id":"ntap-20210326-0004","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210326-0004/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/","reference_id":"OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/"},{"reference_url":"https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E","reference_id":"rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1633","reference_id":"RHSA-2021:1633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3252","reference_id":"RHSA-2021:3252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4151","reference_id":"RHSA-2021:4151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4162","reference_id":"RHSA-2021:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4162"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/","reference_id":"RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/","reference_id":"SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/"},{"reference_url":"https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933","reference_id":"SNYK-UPSTREAM-PYTHONCPYTHON-1074933","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/","reference_id":"TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/"},{"reference_url":"https://usn.ubuntu.com/4742-1/","reference_id":"USN-4742-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4742-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/","reference_id":"W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2021-23336"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6k8-js68-87g4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59778?format=json","vulnerability_id":"VCID-x7h3-nmjt-aud5","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1260","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3335","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3335"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9947.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9947","reference_id":"","reference_type":"","scores":[{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78546","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78732","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78693","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78716","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78553","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78584","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78566","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78592","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78598","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78623","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78605","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78596","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78625","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.7862","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78651","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78659","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9947"},{"reference_url":"https://bugs.python.org/issue35906","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue35906"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9947"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190404-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190404-0004/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/02/04/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2021/02/04/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695572","reference_id":"1695572","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695572"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9947","reference_id":"CVE-2019-9947","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9947"},{"reference_url":"https://security.gentoo.org/glsa/202003-26","reference_id":"GLSA-202003-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2030","reference_id":"RHSA-2019:2030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3520","reference_id":"RHSA-2019:3520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1268","reference_id":"RHSA-2020:1268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1346","reference_id":"RHSA-2020:1346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1462","reference_id":"RHSA-2020:1462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1462"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2019-9947"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x7h3-nmjt-aud5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59772?format=json","vulnerability_id":"VCID-xv9p-nyha-xygv","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20852.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20852.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20852","reference_id":"","reference_type":"","scores":[{"value":"0.01665","scoring_system":"epss","scoring_elements":"0.82224","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01665","scoring_system":"epss","scoring_elements":"0.82179","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01665","scoring_system":"epss","scoring_elements":"0.822","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01952","scoring_system":"epss","scoring_elements":"0.83537","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83574","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83598","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83606","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83622","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83616","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83611","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83646","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83647","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83672","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83679","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83546","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83558","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01989","scoring_system":"epss","scoring_elements":"0.83573","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20852"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20852"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1740347","reference_id":"1740347","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1740347"},{"reference_url":"https://security.gentoo.org/glsa/202003-26","reference_id":"GLSA-202003-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3725","reference_id":"RHSA-2019:3725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3948","reference_id":"RHSA-2019:3948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1131","reference_id":"RHSA-2020:1131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1132","reference_id":"RHSA-2020:1132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1605","reference_id":"RHSA-2020:1605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1764","reference_id":"RHSA-2020:1764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1764"},{"reference_url":"https://usn.ubuntu.com/4127-1/","reference_id":"USN-4127-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-1/"},{"reference_url":"https://usn.ubuntu.com/4127-2/","reference_id":"USN-4127-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4127-2/"},{"reference_url":"https://usn.ubuntu.com/6891-1/","reference_id":"USN-6891-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6891-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050686?format=json","purl":"pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}],"aliases":["CVE-2018-20852"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xv9p-nyha-xygv"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1"}