Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1050918?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "type": "deb", "namespace": "debian", "name": "libvirt", "version": "5.0.0-4+deb10u1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "11.3.0-2~bpo12+1", "latest_non_vulnerable_version": "11.3.0-2~bpo12+1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36440?format=api", "vulnerability_id": "VCID-2ska-hmbg-kqdw", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2494.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07139", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07165", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07155", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07146", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07058", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07188", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07157", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07123", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07082", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07136", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07168", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07851", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07899", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067461", "reference_id": "1067461", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270115", "reference_id": "2270115", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T15:14:30Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270115" }, { "reference_url": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/", "reference_id": "BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T15:14:30Z/" } ], "url": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-2494", "reference_id": "CVE-2024-2494", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T15:14:30Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-2494" }, { "reference_url": "https://security.gentoo.org/glsa/202412-16", "reference_id": "GLSA-202412-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2560", "reference_id": "RHSA-2024:2560", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T15:14:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3253", "reference_id": "RHSA-2024:3253", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T15:14:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3253" }, { "reference_url": "https://usn.ubuntu.com/6734-1/", "reference_id": "USN-6734-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6734-1/" }, { "reference_url": "https://usn.ubuntu.com/6734-2/", "reference_id": "USN-6734-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6734-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2024-2494" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ska-hmbg-kqdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81776?format=api", "vulnerability_id": "VCID-5a7s-trej-63cj", "summary": "libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20485.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20485.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41033", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.40776", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.4093", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.40846", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.40703", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41115", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41146", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41072", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41121", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41128", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41148", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41098", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41142", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41113", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41039", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.40943", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20485" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953078", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953078" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20485" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=a663a860819287e041c3de672aad1d8543098ecc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=a663a860819287e041c3de672aad1d8543098ecc" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2019-20485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2019-20485" }, { "reference_url": "https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1730509.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1730509.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809740", "reference_id": "1809740", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809740" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20485", "reference_id": "CVE-2019-20485", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4000", "reference_id": "RHSA-2020:4000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4676", "reference_id": "RHSA-2020:4676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4676" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2019-20485" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5a7s-trej-63cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81495?format=api", "vulnerability_id": "VCID-5pky-1svz-nqf6", "summary": "libvirt: guest agent timeout can be set under read-only mode leading to DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10701.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10701.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10701", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47419", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47453", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47474", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47423", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47478", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47475", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47497", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47473", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47479", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47539", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47531", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47483", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47472", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47427", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47343", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47407", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819163", "reference_id": "1819163", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819163" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955841", "reference_id": "955841", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955841" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2020-10701" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5pky-1svz-nqf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81675?format=api", "vulnerability_id": "VCID-5ub6-8d2s-53hj", "summary": "libvirt: Potential denial of service via active pool without target path", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10703.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10703.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10703", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71717", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71863", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71843", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71829", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71725", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71743", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71718", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71756", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71768", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71775", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71757", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.718", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71806", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71788", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.71835", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00689", "scoring_system": "epss", "scoring_elements": "0.7184", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10703" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10703", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10703" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816650", "reference_id": "1816650", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816650" }, { "reference_url": "https://security.archlinux.org/AVG-1174", "reference_id": "AVG-1174", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4000", "reference_id": "RHSA-2020:4000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4676", "reference_id": "RHSA-2020:4676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4676" }, { "reference_url": "https://usn.ubuntu.com/4371-1/", "reference_id": "USN-4371-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4371-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2020-10703" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ub6-8d2s-53hj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79897?format=api", "vulnerability_id": "VCID-bsjb-frkp-b3an", "summary": "libvirt: deadlock and crash in libxl driver", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4147.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23184", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23361", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23401", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23189", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23262", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23312", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23333", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23295", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23238", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23254", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23248", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23228", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23036", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23029", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23026", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22919", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002535", "reference_id": "1002535", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002535" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034195", "reference_id": "2034195", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034195" }, { "reference_url": "https://usn.ubuntu.com/5399-1/", "reference_id": "USN-5399-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5399-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2021-4147" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bsjb-frkp-b3an" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81578?format=api", "vulnerability_id": "VCID-c628-5r9h-37ad", "summary": "libvirt: memory leak in domstats may allow read-only user to perform DoS attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12430.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12430.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12430", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.72489", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00717", "scoring_system": "epss", "scoring_elements": "0.7246", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.74968", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.74997", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.74973", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.75007", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.75018", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.7504", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.75008", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.75044", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.75052", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.75041", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.75079", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.75085", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.75088", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00859", "scoring_system": "epss", "scoring_elements": "0.74964", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12430" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828190", "reference_id": "1828190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828190" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959447", "reference_id": "959447", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=959447" }, { "reference_url": "https://usn.ubuntu.com/4371-1/", "reference_id": "USN-4371-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4371-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2020-12430" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c628-5r9h-37ad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57256?format=api", "vulnerability_id": "VCID-cue5-u48q-87ft", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3667.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3667.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62932", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62963", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62942", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62962", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62977", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62993", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63024", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63042", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63027", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63005", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62905", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62964", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.62957", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3667" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3667", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3667" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986094", "reference_id": "1986094", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986094" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991594", "reference_id": "991594", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991594" }, { "reference_url": "https://security.archlinux.org/AVG-2230", "reference_id": "AVG-2230", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2230" }, { "reference_url": "https://security.gentoo.org/glsa/202210-06", "reference_id": "GLSA-202210-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3703", "reference_id": "RHSA-2021:3703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3704", "reference_id": "RHSA-2021:3704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4191", "reference_id": "RHSA-2021:4191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4191" }, { "reference_url": "https://usn.ubuntu.com/5399-1/", "reference_id": "USN-5399-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5399-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3667" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cue5-u48q-87ft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57253?format=api", "vulnerability_id": "VCID-ju7x-j33y-8khv", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25637.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25637.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25637", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29407", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29355", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29473", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29521", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29448", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29452", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.30926", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31009", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.30857", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31431", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3141", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31382", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31212", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31088", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25637" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881037", "reference_id": "1881037", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881037" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971555", "reference_id": "971555", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971555" }, { "reference_url": "https://security.archlinux.org/ASA-202101-42", "reference_id": "ASA-202101-42", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-42" }, { "reference_url": "https://security.archlinux.org/AVG-1240", "reference_id": "AVG-1240", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1240" }, { "reference_url": "https://security.gentoo.org/glsa/202210-06", "reference_id": "GLSA-202210-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5040", "reference_id": "RHSA-2020:5040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5111", "reference_id": "RHSA-2020:5111", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5111" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762", "reference_id": "RHSA-2021:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1762" }, { "reference_url": "https://usn.ubuntu.com/5399-1/", "reference_id": "USN-5399-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5399-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2020-25637" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ju7x-j33y-8khv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77417?format=api", "vulnerability_id": "VCID-nqd8-35a9-7bc5", "summary": "libvirt: off-by-one error in udevListInterfacesByStatus()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1441.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1441.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17247", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17531", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17565", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17475", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17452", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17385", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17508", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17597", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17658", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17676", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.1763", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17577", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17523", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19217", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19269", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1441" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066058", "reference_id": "1066058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1066058" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263841", "reference_id": "2263841", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T17:29:32Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263841" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-1441", "reference_id": "CVE-2024-1441", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T17:29:32Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2560", "reference_id": "RHSA-2024:2560", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T17:29:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2560" }, { "reference_url": "https://usn.ubuntu.com/6734-1/", "reference_id": "USN-6734-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6734-1/" }, { "reference_url": "https://usn.ubuntu.com/6734-2/", "reference_id": "USN-6734-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6734-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2024-1441" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nqd8-35a9-7bc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79912?format=api", "vulnerability_id": "VCID-r65y-py21-u3eu", "summary": "libvirt: segmentation fault during VM shutdown can lead to vdsm hang", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3975.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3975.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66795", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66834", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.6686", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66832", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66894", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66914", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.669", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66868", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66901", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66915", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66898", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66922", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66936", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66933", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.66904", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3975" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024326", "reference_id": "2024326", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1759", "reference_id": "RHSA-2022:1759", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1759" }, { "reference_url": "https://usn.ubuntu.com/5399-1/", "reference_id": "USN-5399-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5399-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3975" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r65y-py21-u3eu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35573?format=api", "vulnerability_id": "VCID-wf9y-4uwu-gkaz", "summary": "A vulnerability in libvirt may allow root privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14339.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14339.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22741", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22578", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22598", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22496", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22957", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2275", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22826", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22879", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22899", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22861", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22805", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22819", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22813", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22773", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22611", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22603", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14339" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14339", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14339" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860069", "reference_id": "1860069", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860069" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966563", "reference_id": "966563", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966563" }, { "reference_url": "https://security.archlinux.org/ASA-202009-8", "reference_id": "ASA-202009-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202009-8" }, { "reference_url": "https://security.archlinux.org/AVG-1232", "reference_id": "AVG-1232", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1232" }, { "reference_url": "https://security.gentoo.org/glsa/202101-22", "reference_id": "GLSA-202101-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-22" }, { "reference_url": "https://security.gentoo.org/glsa/202210-06", "reference_id": "GLSA-202210-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3586", "reference_id": "RHSA-2020:3586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4676", "reference_id": "RHSA-2020:4676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4676" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2020-14339" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wf9y-4uwu-gkaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77667?format=api", "vulnerability_id": "VCID-wkrz-dcvc-5ugc", "summary": "libvirt: NULL pointer dereference in udevConnectListAllInterfaces()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2496.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2496.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10738", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10818", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10938", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10893", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10852", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10794", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10865", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1094", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10994", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10996", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10963", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10805", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18628", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18683", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269672", "reference_id": "2269672", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T19:25:01Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269672" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8", "reference_id": "cpe:/a:redhat:advanced_virtualization:8::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_virtualization:8::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-2496", "reference_id": "CVE-2024-2496", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T19:25:01Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-2496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2236", "reference_id": "RHSA-2024:2236", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T19:25:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2236" }, { "reference_url": "https://usn.ubuntu.com/6734-1/", "reference_id": "USN-6734-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6734-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2024-2496" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wkrz-dcvc-5ugc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57257?format=api", "vulnerability_id": "VCID-ypmp-rsaw-s3hb", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16768", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16935", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16919", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16991", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16773", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16862", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16893", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16848", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16789", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23188", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22969", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22965", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22859", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23195", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22976", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23148", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0897" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009075", "reference_id": "1009075", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009075" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063883", "reference_id": "2063883", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-08T15:53:19Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063883" }, { "reference_url": "https://security.gentoo.org/glsa/202210-06", "reference_id": "GLSA-202210-06", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-08T15:53:19Z/" } ], "url": "https://security.gentoo.org/glsa/202210-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-08T15:53:19Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7472", "reference_id": "RHSA-2022:7472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8003", "reference_id": "RHSA-2022:8003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8003" }, { "reference_url": "https://usn.ubuntu.com/5399-1/", "reference_id": "USN-5399-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5399-1/" }, { "reference_url": "https://usn.ubuntu.com/6126-1/", "reference_id": "USN-6126-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6126-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2022-0897" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ypmp-rsaw-s3hb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57254?format=api", "vulnerability_id": "VCID-zj24-rwt5-g3dg", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3631.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20867", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2038", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20724", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20751", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20699", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20689", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20643", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20634", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20522", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20518", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20487", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20926", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20639", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20716", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20776", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20794", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2", "reference_id": "15073504dbb624d3f6c911e85557019d3620fdb2", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/" } ], "url": "https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2" }, { "reference_url": "https://gitlab.com/libvirt/libvirt/-/issues/153", "reference_id": "153", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/" } ], "url": "https://gitlab.com/libvirt/libvirt/-/issues/153" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977726", "reference_id": "1977726", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977726" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990709", "reference_id": "990709", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990709" }, { "reference_url": "https://security.archlinux.org/AVG-2124", "reference_id": "AVG-2124", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2124" }, { "reference_url": "https://security.gentoo.org/glsa/202210-06", "reference_id": "GLSA-202210-06", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/" } ], "url": "https://security.gentoo.org/glsa/202210-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220331-0010/", "reference_id": "ntap-20220331-0010", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220331-0010/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3631", "reference_id": "RHSA-2021:3631", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T19:33:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2021:3631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3703", "reference_id": "RHSA-2021:3703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3704", "reference_id": "RHSA-2021:3704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4191", "reference_id": "RHSA-2021:4191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4191" }, { "reference_url": "https://usn.ubuntu.com/5399-1/", "reference_id": "USN-5399-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5399-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1051146?format=api", "purl": "pkg:deb/debian/libvirt@7.0.0-3%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ubdh-hdtv-akgt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@7.0.0-3%252Bdeb11u3" } ], "aliases": [ "CVE-2021-3631" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zj24-rwt5-g3dg" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73229?format=api", "vulnerability_id": "VCID-3xk5-72kc-5uhu", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1064.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1064.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1064", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80523", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80529", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80552", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80543", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80572", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80582", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80599", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80586", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80578", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80606", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80608", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80612", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80637", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.8064", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80656", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80674", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01419", "scoring_system": "epss", "scoring_elements": "0.80695", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1064" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550672", "reference_id": "1550672", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1396", "reference_id": "RHSA-2018:1396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1929", "reference_id": "RHSA-2018:1929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1929" }, { "reference_url": "https://usn.ubuntu.com/3680-1/", "reference_id": "USN-3680-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3680-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036598?format=api", "purl": "pkg:deb/debian/libvirt@1.2.9-9%2Bdeb8u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-3xk5-72kc-5uhu" }, { "vulnerability": "VCID-3zke-md7v-6be5" }, { "vulnerability": "VCID-425h-bz55-yfad" }, { "vulnerability": "VCID-4gha-yszs-x3hw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-8bqx-15w5-4kdm" }, { "vulnerability": "VCID-a5ed-jnjb-pybr" }, { "vulnerability": "VCID-b489-x5z3-pkfh" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-e93r-zft5-33dk" }, { "vulnerability": "VCID-gc5z-hy4a-8uft" }, { "vulnerability": "VCID-gp93-s21f-8fh7" }, { "vulnerability": "VCID-hpgc-t8mr-qkan" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nfem-925f-bfdw" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-pqce-1qud-kbef" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-re7g-2nvj-j3dp" }, { "vulnerability": "VCID-smdn-m8vh-9bb8" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-whhu-jy51-qkec" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-yvkr-qhaj-bfcx" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@1.2.9-9%252Bdeb8u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037235?format=api", "purl": "pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-3xk5-72kc-5uhu" }, { "vulnerability": "VCID-425h-bz55-yfad" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-a5ed-jnjb-pybr" }, { "vulnerability": "VCID-b489-x5z3-pkfh" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-e93r-zft5-33dk" }, { "vulnerability": "VCID-gc5z-hy4a-8uft" }, { "vulnerability": "VCID-gp93-s21f-8fh7" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nfem-925f-bfdw" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-re7g-2nvj-j3dp" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-whhu-jy51-qkec" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-yvkr-qhaj-bfcx" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2018-1064" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3xk5-72kc-5uhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82883?format=api", "vulnerability_id": "VCID-425h-bz55-yfad", "summary": "libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00101.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3840.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3840.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72161", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72315", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72292", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.723", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72297", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72286", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72167", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72187", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72164", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72201", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72213", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72236", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.7222", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72206", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72249", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72259", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00709", "scoring_system": "epss", "scoring_elements": "0.72246", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3840" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663051" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3840" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZRP2BRMI4RYFRPNFTTIAAUOGVN2ORP7/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZRP2BRMI4RYFRPNFTTIAAUOGVN2ORP7/" }, { "reference_url": "https://www.redhat.com/archives/libvir-list/2019-January/msg00241.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/libvir-list/2019-January/msg00241.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665228", "reference_id": "1665228", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665228" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3840", "reference_id": "CVE-2019-3840", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:N/I:N/A:P" }, { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H" }, { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2294", "reference_id": "RHSA-2019:2294", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2294" }, { "reference_url": "https://usn.ubuntu.com/3909-1/", "reference_id": "USN-3909-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3909-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2019-3840" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-425h-bz55-yfad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60682?format=api", "vulnerability_id": "VCID-a5ed-jnjb-pybr", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst\n of which may result in the execution of arbitrary commands.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10168.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10168.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45677", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45742", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45765", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45714", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45768", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45791", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45761", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45766", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45816", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45811", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45757", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45687", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45698", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45638", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45533", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45596", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10168" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720118", "reference_id": "1720118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720118" }, { "reference_url": "https://security.gentoo.org/glsa/202003-18", "reference_id": "GLSA-202003-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1579", "reference_id": "RHSA-2019:1579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1580", "reference_id": "RHSA-2019:1580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1699", "reference_id": "RHSA-2019:1699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1762", "reference_id": "RHSA-2019:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1762" }, { "reference_url": "https://usn.ubuntu.com/4047-1/", "reference_id": "USN-4047-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4047-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2019-10168" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a5ed-jnjb-pybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60680?format=api", "vulnerability_id": "VCID-b489-x5z3-pkfh", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst\n of which may result in the execution of arbitrary commands.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10166.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10166.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10166", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34157", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34496", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34524", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34391", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34433", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34463", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34464", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34426", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34402", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34436", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34423", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34382", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34011", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.33993", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.33907", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.33785", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.33854", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10166" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720114", "reference_id": "1720114", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720114" }, { "reference_url": "https://security.gentoo.org/glsa/202003-18", "reference_id": "GLSA-202003-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1579", "reference_id": "RHSA-2019:1579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1580", "reference_id": "RHSA-2019:1580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1699", "reference_id": "RHSA-2019:1699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1762", "reference_id": "RHSA-2019:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1762" }, { "reference_url": "https://usn.ubuntu.com/4047-1/", "reference_id": "USN-4047-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4047-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2019-10166" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b489-x5z3-pkfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82675?format=api", "vulnerability_id": "VCID-e93r-zft5-33dk", "summary": "libvirt: virsh domhostname command discloses guest hostname in readonly mode", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2019:3723", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:3723" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3886.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3886.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3886", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64184", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64354", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64324", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64337", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64338", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64309", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64242", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64269", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.6423", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.6428", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64295", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64308", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64297", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.6427", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64304", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00463", "scoring_system": "epss", "scoring_elements": "0.64315", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3886" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3886" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3886" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYMNKXAUBZCFBBPFH64FJPH5EJH4GSU2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYMNKXAUBZCFBBPFH64FJPH5EJH4GSU2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5DHYIFECZ7BMVXK4EP4FDFZXK7I5MZH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5DHYIFECZ7BMVXK4EP4FDFZXK7I5MZH/" }, { "reference_url": "http://www.securityfocus.com/bid/107777", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107777" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694880", "reference_id": "1694880", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694880" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926418", "reference_id": "926418", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926418" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3886", "reference_id": "CVE-2019-3886", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3886" }, { "reference_url": "https://usn.ubuntu.com/4021-1/", "reference_id": "USN-4021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4021-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2019-3886" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e93r-zft5-33dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82522?format=api", "vulnerability_id": "VCID-gc5z-hy4a-8uft", "summary": "libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10132.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10132.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01283", "scoring_system": "epss", "scoring_elements": "0.79724", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01283", "scoring_system": "epss", "scoring_elements": "0.79663", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01283", "scoring_system": "epss", "scoring_elements": "0.7967", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01283", "scoring_system": "epss", "scoring_elements": "0.79685", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01283", "scoring_system": "epss", "scoring_elements": "0.79702", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79932", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.7997", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.7999", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79973", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79965", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79993", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79994", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79996", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79916", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79961", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79923", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79944", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10132" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706067", "reference_id": "1706067", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706067" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929334", "reference_id": "929334", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1264", "reference_id": "RHSA-2019:1264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1268", "reference_id": "RHSA-2019:1268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1455", "reference_id": "RHSA-2019:1455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1455" }, { "reference_url": "https://usn.ubuntu.com/4021-1/", "reference_id": "USN-4021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4021-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2019-10132" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gc5z-hy4a-8uft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60679?format=api", "vulnerability_id": "VCID-gp93-s21f-8fh7", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst\n of which may result in the execution of arbitrary commands.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10161.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10161.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49809", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49847", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49874", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49826", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49875", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49893", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49865", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49866", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49912", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49913", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49885", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49871", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49878", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49833", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49751", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.4981", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10167" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720115", "reference_id": "1720115", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720115" }, { "reference_url": "https://security.gentoo.org/glsa/202003-18", "reference_id": "GLSA-202003-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1578", "reference_id": "RHSA-2019:1578", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1578" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1579", "reference_id": "RHSA-2019:1579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1580", "reference_id": "RHSA-2019:1580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1699", "reference_id": "RHSA-2019:1699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1762", "reference_id": "RHSA-2019:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1762" }, { "reference_url": "https://usn.ubuntu.com/4047-1/", "reference_id": "USN-4047-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4047-1/" }, { "reference_url": "https://usn.ubuntu.com/4047-2/", "reference_id": "USN-4047-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4047-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037235?format=api", "purl": "pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-3xk5-72kc-5uhu" }, { "vulnerability": "VCID-425h-bz55-yfad" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-a5ed-jnjb-pybr" }, { "vulnerability": "VCID-b489-x5z3-pkfh" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-e93r-zft5-33dk" }, { "vulnerability": "VCID-gc5z-hy4a-8uft" }, { "vulnerability": "VCID-gp93-s21f-8fh7" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nfem-925f-bfdw" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-re7g-2nvj-j3dp" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-whhu-jy51-qkec" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-yvkr-qhaj-bfcx" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2019-10161" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gp93-s21f-8fh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60681?format=api", "vulnerability_id": "VCID-nfem-925f-bfdw", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst\n of which may result in the execution of arbitrary commands.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10167.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10167.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.37993", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38174", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38197", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38067", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38117", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38144", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38107", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38083", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38129", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.3811", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38046", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.3783", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.37807", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.37712", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.37603", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.37673", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10167" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720117", "reference_id": "1720117", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720117" }, { "reference_url": "https://security.gentoo.org/glsa/202003-18", "reference_id": "GLSA-202003-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1579", "reference_id": "RHSA-2019:1579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1580", "reference_id": "RHSA-2019:1580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1699", "reference_id": "RHSA-2019:1699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1762", "reference_id": "RHSA-2019:1762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1762" }, { "reference_url": "https://usn.ubuntu.com/4047-1/", "reference_id": "USN-4047-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4047-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037235?format=api", "purl": "pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-3xk5-72kc-5uhu" }, { "vulnerability": "VCID-425h-bz55-yfad" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-a5ed-jnjb-pybr" }, { "vulnerability": "VCID-b489-x5z3-pkfh" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-e93r-zft5-33dk" }, { "vulnerability": "VCID-gc5z-hy4a-8uft" }, { "vulnerability": "VCID-gp93-s21f-8fh7" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nfem-925f-bfdw" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-re7g-2nvj-j3dp" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-whhu-jy51-qkec" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-yvkr-qhaj-bfcx" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2019-10167" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nfem-925f-bfdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34654?format=api", "vulnerability_id": "VCID-re7g-2nvj-j3dp", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst\n of which may result in the execution of arbitrary commands.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5748.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5748.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81013", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81022", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81045", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81073", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81079", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81097", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81076", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81113", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81115", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81112", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81135", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81143", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.8115", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81163", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01494", "scoring_system": "epss", "scoring_elements": "0.81184", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5748" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528396", "reference_id": "1528396", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528396" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887700", "reference_id": "887700", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887700" }, { "reference_url": "https://security.gentoo.org/glsa/201804-07", "reference_id": "GLSA-201804-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-07" }, { "reference_url": "https://security.gentoo.org/glsa/201804-08", "reference_id": "GLSA-201804-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1396", "reference_id": "RHSA-2018:1396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1929", "reference_id": "RHSA-2018:1929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1929" }, { "reference_url": "https://usn.ubuntu.com/3576-1/", "reference_id": "USN-3576-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3576-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2018-5748" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-re7g-2nvj-j3dp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63538?format=api", "vulnerability_id": "VCID-whhu-jy51-qkec", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000256.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000256.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2017-1000256", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/CVE-2017-1000256" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000256", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73592", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00904", "scoring_system": "epss", "scoring_elements": "0.75838", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00904", "scoring_system": "epss", "scoring_elements": "0.75755", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00904", "scoring_system": "epss", "scoring_elements": "0.75758", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00904", "scoring_system": "epss", "scoring_elements": "0.75744", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00904", "scoring_system": "epss", "scoring_elements": "0.75782", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00904", "scoring_system": "epss", "scoring_elements": "0.75788", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00904", "scoring_system": "epss", "scoring_elements": "0.758", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00904", "scoring_system": "epss", "scoring_elements": "0.75809", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01015", "scoring_system": "epss", "scoring_elements": "0.77178", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01015", "scoring_system": "epss", "scoring_elements": "0.77152", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01015", "scoring_system": "epss", "scoring_elements": "0.7715", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01015", "scoring_system": "epss", "scoring_elements": "0.77156", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01015", "scoring_system": "epss", "scoring_elements": "0.77097", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01015", "scoring_system": "epss", "scoring_elements": "0.77126", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01015", "scoring_system": "epss", "scoring_elements": "0.77108", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01015", "scoring_system": "epss", "scoring_elements": "0.77141", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000256" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000256", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000256" }, { "reference_url": "https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1556251.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1556251.html" }, { "reference_url": "https://www.redhat.com/archives/libvirt-announce/2017-October/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/libvirt-announce/2017-October/msg00001.html" }, { "reference_url": "http://www.debian.org/security/2017/dsa-4003", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-4003" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503658", "reference_id": "1503658", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503658" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878799", "reference_id": "878799", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878799" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000256", "reference_id": "CVE-2017-1000256", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000256" }, { "reference_url": "https://usn.ubuntu.com/3576-1/", "reference_id": "USN-3576-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3576-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037234?format=api", "purl": "pkg:deb/debian/libvirt@3.0.0-4%2Bdeb9u2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-3xk5-72kc-5uhu" }, { "vulnerability": "VCID-425h-bz55-yfad" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-a5ed-jnjb-pybr" }, { "vulnerability": "VCID-b489-x5z3-pkfh" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-e93r-zft5-33dk" }, { "vulnerability": "VCID-gc5z-hy4a-8uft" }, { "vulnerability": "VCID-gp93-s21f-8fh7" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nfem-925f-bfdw" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-re7g-2nvj-j3dp" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-whhu-jy51-qkec" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-yvkr-qhaj-bfcx" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@3.0.0-4%252Bdeb9u2~bpo8%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2017-1000256" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-whhu-jy51-qkec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34655?format=api", "vulnerability_id": "VCID-yvkr-qhaj-bfcx", "summary": "Multiple vulnerabilities have been discovered in libvirt, the worst\n of which may result in the execution of arbitrary commands.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6764.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6764.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6764", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10649", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10789", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10851", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10678", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10754", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10811", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10824", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10794", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10769", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1063", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10646", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10771", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10725", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10705", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1065", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10608", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10745", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6764" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541444", "reference_id": "1541444", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541444" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889839", "reference_id": "889839", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889839" }, { "reference_url": "https://security.gentoo.org/glsa/201804-07", "reference_id": "GLSA-201804-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3113", "reference_id": "RHSA-2018:3113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3113" }, { "reference_url": "https://usn.ubuntu.com/3576-1/", "reference_id": "USN-3576-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3576-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050918?format=api", "purl": "pkg:deb/debian/libvirt@5.0.0-4%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ska-hmbg-kqdw" }, { "vulnerability": "VCID-5a7s-trej-63cj" }, { "vulnerability": "VCID-5pky-1svz-nqf6" }, { "vulnerability": "VCID-5ub6-8d2s-53hj" }, { "vulnerability": "VCID-bsjb-frkp-b3an" }, { "vulnerability": "VCID-c628-5r9h-37ad" }, { "vulnerability": "VCID-cue5-u48q-87ft" }, { "vulnerability": "VCID-ju7x-j33y-8khv" }, { "vulnerability": "VCID-nqd8-35a9-7bc5" }, { "vulnerability": "VCID-r65y-py21-u3eu" }, { "vulnerability": "VCID-wf9y-4uwu-gkaz" }, { "vulnerability": "VCID-wkrz-dcvc-5ugc" }, { "vulnerability": "VCID-ypmp-rsaw-s3hb" }, { "vulnerability": "VCID-zj24-rwt5-g3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" } ], "aliases": [ "CVE-2018-6764" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yvkr-qhaj-bfcx" } ], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvirt@5.0.0-4%252Bdeb10u1" }