Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libonig@5.2.0-1
Typedeb
Namespacedebian
Namelibonig
Version5.2.0-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.9.6-1.1
Latest_non_vulnerable_version6.9.6-1.1
Affected_by_vulnerabilities
0
url VCID-1vz6-251d-1ye7
vulnerability_id VCID-1vz6-251d-1ye7
summary 
Multiple vulnerabilities have been found in Oniguruma, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13225.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13225.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13225
reference_id
reference_type
scores
0
value 0.00131
scoring_system epss
scoring_elements 0.32112
published_at 2026-05-05T12:55:00Z
1
value 0.00131
scoring_system epss
scoring_elements 0.32337
published_at 2026-04-26T12:55:00Z
2
value 0.00131
scoring_system epss
scoring_elements 0.32253
published_at 2026-04-29T12:55:00Z
3
value 0.00134
scoring_system epss
scoring_elements 0.33092
published_at 2026-04-02T12:55:00Z
4
value 0.00134
scoring_system epss
scoring_elements 0.32955
published_at 2026-04-07T12:55:00Z
5
value 0.00134
scoring_system epss
scoring_elements 0.33
published_at 2026-04-08T12:55:00Z
6
value 0.00134
scoring_system epss
scoring_elements 0.33031
published_at 2026-04-09T12:55:00Z
7
value 0.00134
scoring_system epss
scoring_elements 0.33034
published_at 2026-04-11T12:55:00Z
8
value 0.00134
scoring_system epss
scoring_elements 0.32995
published_at 2026-04-12T12:55:00Z
9
value 0.00134
scoring_system epss
scoring_elements 0.3297
published_at 2026-04-13T12:55:00Z
10
value 0.00134
scoring_system epss
scoring_elements 0.33013
published_at 2026-04-16T12:55:00Z
11
value 0.00134
scoring_system epss
scoring_elements 0.32991
published_at 2026-04-18T12:55:00Z
12
value 0.00134
scoring_system epss
scoring_elements 0.32954
published_at 2026-04-21T12:55:00Z
13
value 0.00134
scoring_system epss
scoring_elements 0.32808
published_at 2026-04-24T12:55:00Z
14
value 0.00134
scoring_system epss
scoring_elements 0.32962
published_at 2026-04-01T12:55:00Z
15
value 0.00134
scoring_system epss
scoring_elements 0.33124
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13225
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13225
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1728965
reference_id 1728965
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1728965
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878
reference_id 931878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878
6
reference_url https://security.gentoo.org/glsa/201911-03
reference_id GLSA-201911-03
reference_type
scores
url https://security.gentoo.org/glsa/201911-03
7
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
8
reference_url https://access.redhat.com/errata/RHSA-2020:4827
reference_id RHSA-2020:4827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4827
fixed_packages
0
url pkg:deb/debian/libonig@6.9.6-1.1
purl pkg:deb/debian/libonig@6.9.6-1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1
aliases CVE-2019-13225
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1vz6-251d-1ye7
1
url VCID-73xb-21qk-gub3
vulnerability_id VCID-73xb-21qk-gub3
summary oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19246.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19246.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19246
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.54888
published_at 2026-04-01T12:55:00Z
1
value 0.00319
scoring_system epss
scoring_elements 0.54909
published_at 2026-05-05T12:55:00Z
2
value 0.00319
scoring_system epss
scoring_elements 0.54968
published_at 2026-04-24T12:55:00Z
3
value 0.00319
scoring_system epss
scoring_elements 0.54987
published_at 2026-04-26T12:55:00Z
4
value 0.00319
scoring_system epss
scoring_elements 0.54961
published_at 2026-04-29T12:55:00Z
5
value 0.00319
scoring_system epss
scoring_elements 0.54958
published_at 2026-04-02T12:55:00Z
6
value 0.00319
scoring_system epss
scoring_elements 0.54984
published_at 2026-04-04T12:55:00Z
7
value 0.00319
scoring_system epss
scoring_elements 0.54954
published_at 2026-04-07T12:55:00Z
8
value 0.00319
scoring_system epss
scoring_elements 0.55003
published_at 2026-04-09T12:55:00Z
9
value 0.00319
scoring_system epss
scoring_elements 0.55015
published_at 2026-04-18T12:55:00Z
10
value 0.00319
scoring_system epss
scoring_elements 0.54997
published_at 2026-04-12T12:55:00Z
11
value 0.00319
scoring_system epss
scoring_elements 0.54974
published_at 2026-04-13T12:55:00Z
12
value 0.00319
scoring_system epss
scoring_elements 0.55012
published_at 2026-04-16T12:55:00Z
13
value 0.00319
scoring_system epss
scoring_elements 0.54992
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19246
2
reference_url https://bugs.php.net/bug.php?id=78559
reference_id
reference_type
scores
url https://bugs.php.net/bug.php?id=78559
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19246
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19246
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/kkos/oniguruma/commit/d3e402928b6eb3327f8f7d59a9edfa622fec557b
reference_id
reference_type
scores
url https://github.com/kkos/oniguruma/commit/d3e402928b6eb3327f8f7d59a9edfa622fec557b
6
reference_url https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1777537
reference_id 1777537
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1777537
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946344
reference_id 946344
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946344
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19246
reference_id CVE-2019-19246
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-19246
16
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
17
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
18
reference_url https://usn.ubuntu.com/4460-1/
reference_id USN-4460-1
reference_type
scores
url https://usn.ubuntu.com/4460-1/
19
reference_url https://usn.ubuntu.com/USN-5662-1/
reference_id USN-USN-5662-1
reference_type
scores
url https://usn.ubuntu.com/USN-5662-1/
fixed_packages
0
url pkg:deb/debian/libonig@6.9.6-1.1
purl pkg:deb/debian/libonig@6.9.6-1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1
aliases CVE-2019-19246
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73xb-21qk-gub3
2
url VCID-7tdw-4nwm-gqe8
vulnerability_id VCID-7tdw-4nwm-gqe8
summary oniguruma: Out-of-bounds stack write in onigenc_unicode_get_case_fold_codes_by_str() during regular expression compilation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9225.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9225.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9225
reference_id
reference_type
scores
0
value 0.00288
scoring_system epss
scoring_elements 0.5216
published_at 2026-04-01T12:55:00Z
1
value 0.00288
scoring_system epss
scoring_elements 0.52153
published_at 2026-05-05T12:55:00Z
2
value 0.00288
scoring_system epss
scoring_elements 0.52235
published_at 2026-04-24T12:55:00Z
3
value 0.00288
scoring_system epss
scoring_elements 0.52207
published_at 2026-04-29T12:55:00Z
4
value 0.00288
scoring_system epss
scoring_elements 0.52203
published_at 2026-04-02T12:55:00Z
5
value 0.00288
scoring_system epss
scoring_elements 0.5223
published_at 2026-04-04T12:55:00Z
6
value 0.00288
scoring_system epss
scoring_elements 0.52195
published_at 2026-04-07T12:55:00Z
7
value 0.00288
scoring_system epss
scoring_elements 0.52248
published_at 2026-04-08T12:55:00Z
8
value 0.00288
scoring_system epss
scoring_elements 0.52243
published_at 2026-04-26T12:55:00Z
9
value 0.00288
scoring_system epss
scoring_elements 0.52294
published_at 2026-04-11T12:55:00Z
10
value 0.00288
scoring_system epss
scoring_elements 0.52278
published_at 2026-04-12T12:55:00Z
11
value 0.00288
scoring_system epss
scoring_elements 0.52264
published_at 2026-04-13T12:55:00Z
12
value 0.00288
scoring_system epss
scoring_elements 0.52302
published_at 2026-04-16T12:55:00Z
13
value 0.00288
scoring_system epss
scoring_elements 0.52305
published_at 2026-04-18T12:55:00Z
14
value 0.00288
scoring_system epss
scoring_elements 0.52288
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9225
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9225
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:P/I:P/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1466733
reference_id 1466733
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1466733
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863313
reference_id 863313
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863313
6
reference_url https://access.redhat.com/errata/RHSA-2026:7545
reference_id RHSA-2026:7545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7545
fixed_packages
0
url pkg:deb/debian/libonig@6.1.3-2
purl pkg:deb/debian/libonig@6.1.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vz6-251d-1ye7
1
vulnerability VCID-73xb-21qk-gub3
2
vulnerability VCID-j961-etd4-jfdy
3
vulnerability VCID-jurp-5mrx-13ce
4
vulnerability VCID-khf6-r7w8-c7bm
5
vulnerability VCID-p5gj-xqc9-yqar
6
vulnerability VCID-xzt6-6k5g-byap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.1.3-2
aliases CVE-2017-9225
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7tdw-4nwm-gqe8
3
url VCID-apf9-z7zs-jyh7
vulnerability_id VCID-apf9-z7zs-jyh7
summary oniguruma: Invalid pointer dereference in left_adjust_char_head()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9229.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9229.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9229
reference_id
reference_type
scores
0
value 0.00384
scoring_system epss
scoring_elements 0.59654
published_at 2026-05-05T12:55:00Z
1
value 0.00384
scoring_system epss
scoring_elements 0.59686
published_at 2026-04-24T12:55:00Z
2
value 0.00384
scoring_system epss
scoring_elements 0.59706
published_at 2026-04-26T12:55:00Z
3
value 0.00384
scoring_system epss
scoring_elements 0.59691
published_at 2026-04-29T12:55:00Z
4
value 0.00593
scoring_system epss
scoring_elements 0.69217
published_at 2026-04-02T12:55:00Z
5
value 0.00593
scoring_system epss
scoring_elements 0.69219
published_at 2026-04-07T12:55:00Z
6
value 0.00593
scoring_system epss
scoring_elements 0.69269
published_at 2026-04-08T12:55:00Z
7
value 0.00593
scoring_system epss
scoring_elements 0.69287
published_at 2026-04-09T12:55:00Z
8
value 0.00593
scoring_system epss
scoring_elements 0.69309
published_at 2026-04-11T12:55:00Z
9
value 0.00593
scoring_system epss
scoring_elements 0.69293
published_at 2026-04-21T12:55:00Z
10
value 0.00593
scoring_system epss
scoring_elements 0.69265
published_at 2026-04-13T12:55:00Z
11
value 0.00593
scoring_system epss
scoring_elements 0.69303
published_at 2026-04-16T12:55:00Z
12
value 0.00593
scoring_system epss
scoring_elements 0.69312
published_at 2026-04-18T12:55:00Z
13
value 0.00593
scoring_system epss
scoring_elements 0.69201
published_at 2026-04-01T12:55:00Z
14
value 0.00593
scoring_system epss
scoring_elements 0.69237
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9229
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9229
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9229
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1466746
reference_id 1466746
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1466746
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863318
reference_id 863318
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863318
6
reference_url https://access.redhat.com/errata/RHSA-2018:1296
reference_id RHSA-2018:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1296
7
reference_url https://access.redhat.com/errata/RHSA-2026:7545
reference_id RHSA-2026:7545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7545
8
reference_url https://usn.ubuntu.com/3382-1/
reference_id USN-3382-1
reference_type
scores
url https://usn.ubuntu.com/3382-1/
9
reference_url https://usn.ubuntu.com/3382-2/
reference_id USN-3382-2
reference_type
scores
url https://usn.ubuntu.com/3382-2/
fixed_packages
0
url pkg:deb/debian/libonig@6.1.3-2
purl pkg:deb/debian/libonig@6.1.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vz6-251d-1ye7
1
vulnerability VCID-73xb-21qk-gub3
2
vulnerability VCID-j961-etd4-jfdy
3
vulnerability VCID-jurp-5mrx-13ce
4
vulnerability VCID-khf6-r7w8-c7bm
5
vulnerability VCID-p5gj-xqc9-yqar
6
vulnerability VCID-xzt6-6k5g-byap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.1.3-2
aliases CVE-2017-9229
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-apf9-z7zs-jyh7
4
url VCID-b5af-c9yc-rke7
vulnerability_id VCID-b5af-c9yc-rke7
summary oniguruma: Out-of-bounds heap write in bitset_set_range()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9228.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9228.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9228
reference_id
reference_type
scores
0
value 0.00607
scoring_system epss
scoring_elements 0.69602
published_at 2026-04-01T12:55:00Z
1
value 0.00607
scoring_system epss
scoring_elements 0.69741
published_at 2026-05-05T12:55:00Z
2
value 0.00607
scoring_system epss
scoring_elements 0.69761
published_at 2026-04-26T12:55:00Z
3
value 0.00607
scoring_system epss
scoring_elements 0.69767
published_at 2026-04-29T12:55:00Z
4
value 0.00607
scoring_system epss
scoring_elements 0.69615
published_at 2026-04-02T12:55:00Z
5
value 0.00607
scoring_system epss
scoring_elements 0.69631
published_at 2026-04-04T12:55:00Z
6
value 0.00607
scoring_system epss
scoring_elements 0.69609
published_at 2026-04-07T12:55:00Z
7
value 0.00607
scoring_system epss
scoring_elements 0.6966
published_at 2026-04-08T12:55:00Z
8
value 0.00607
scoring_system epss
scoring_elements 0.69677
published_at 2026-04-09T12:55:00Z
9
value 0.00607
scoring_system epss
scoring_elements 0.69699
published_at 2026-04-11T12:55:00Z
10
value 0.00607
scoring_system epss
scoring_elements 0.69684
published_at 2026-04-12T12:55:00Z
11
value 0.00607
scoring_system epss
scoring_elements 0.6967
published_at 2026-04-13T12:55:00Z
12
value 0.00607
scoring_system epss
scoring_elements 0.69711
published_at 2026-04-16T12:55:00Z
13
value 0.00607
scoring_system epss
scoring_elements 0.6972
published_at 2026-04-18T12:55:00Z
14
value 0.00607
scoring_system epss
scoring_elements 0.69701
published_at 2026-04-21T12:55:00Z
15
value 0.00607
scoring_system epss
scoring_elements 0.69753
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9228
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9228
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:P/A:P
1
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1466740
reference_id 1466740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1466740
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863316
reference_id 863316
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863316
6
reference_url https://access.redhat.com/errata/RHSA-2018:1296
reference_id RHSA-2018:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1296
7
reference_url https://usn.ubuntu.com/3382-1/
reference_id USN-3382-1
reference_type
scores
url https://usn.ubuntu.com/3382-1/
8
reference_url https://usn.ubuntu.com/3382-2/
reference_id USN-3382-2
reference_type
scores
url https://usn.ubuntu.com/3382-2/
fixed_packages
0
url pkg:deb/debian/libonig@6.1.3-2
purl pkg:deb/debian/libonig@6.1.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vz6-251d-1ye7
1
vulnerability VCID-73xb-21qk-gub3
2
vulnerability VCID-j961-etd4-jfdy
3
vulnerability VCID-jurp-5mrx-13ce
4
vulnerability VCID-khf6-r7w8-c7bm
5
vulnerability VCID-p5gj-xqc9-yqar
6
vulnerability VCID-xzt6-6k5g-byap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.1.3-2
aliases CVE-2017-9228
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b5af-c9yc-rke7
5
url VCID-ge97-dnra-uygw
vulnerability_id VCID-ge97-dnra-uygw
summary oniguruma: Out-of-bounds stack read in mbc_enc_len() during regular expression searching
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9227.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9227.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9227
reference_id
reference_type
scores
0
value 0.00456
scoring_system epss
scoring_elements 0.63914
published_at 2026-05-05T12:55:00Z
1
value 0.00456
scoring_system epss
scoring_elements 0.63931
published_at 2026-04-24T12:55:00Z
2
value 0.00456
scoring_system epss
scoring_elements 0.63943
published_at 2026-04-26T12:55:00Z
3
value 0.00456
scoring_system epss
scoring_elements 0.63941
published_at 2026-04-29T12:55:00Z
4
value 0.00485
scoring_system epss
scoring_elements 0.65313
published_at 2026-04-02T12:55:00Z
5
value 0.00485
scoring_system epss
scoring_elements 0.65302
published_at 2026-04-07T12:55:00Z
6
value 0.00485
scoring_system epss
scoring_elements 0.65354
published_at 2026-04-08T12:55:00Z
7
value 0.00485
scoring_system epss
scoring_elements 0.65366
published_at 2026-04-09T12:55:00Z
8
value 0.00485
scoring_system epss
scoring_elements 0.65385
published_at 2026-04-11T12:55:00Z
9
value 0.00485
scoring_system epss
scoring_elements 0.65372
published_at 2026-04-12T12:55:00Z
10
value 0.00485
scoring_system epss
scoring_elements 0.65344
published_at 2026-04-13T12:55:00Z
11
value 0.00485
scoring_system epss
scoring_elements 0.6538
published_at 2026-04-16T12:55:00Z
12
value 0.00485
scoring_system epss
scoring_elements 0.65391
published_at 2026-04-18T12:55:00Z
13
value 0.00485
scoring_system epss
scoring_elements 0.65375
published_at 2026-04-21T12:55:00Z
14
value 0.00485
scoring_system epss
scoring_elements 0.65263
published_at 2026-04-01T12:55:00Z
15
value 0.00485
scoring_system epss
scoring_elements 0.65338
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9227
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9227
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:N/A:P
1
value 4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1466739
reference_id 1466739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1466739
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863315
reference_id 863315
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863315
6
reference_url https://access.redhat.com/errata/RHSA-2018:1296
reference_id RHSA-2018:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1296
7
reference_url https://usn.ubuntu.com/3382-1/
reference_id USN-3382-1
reference_type
scores
url https://usn.ubuntu.com/3382-1/
8
reference_url https://usn.ubuntu.com/3382-2/
reference_id USN-3382-2
reference_type
scores
url https://usn.ubuntu.com/3382-2/
fixed_packages
0
url pkg:deb/debian/libonig@6.1.3-2
purl pkg:deb/debian/libonig@6.1.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vz6-251d-1ye7
1
vulnerability VCID-73xb-21qk-gub3
2
vulnerability VCID-j961-etd4-jfdy
3
vulnerability VCID-jurp-5mrx-13ce
4
vulnerability VCID-khf6-r7w8-c7bm
5
vulnerability VCID-p5gj-xqc9-yqar
6
vulnerability VCID-xzt6-6k5g-byap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.1.3-2
aliases CVE-2017-9227
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ge97-dnra-uygw
6
url VCID-gf19-ebyv-u3b5
vulnerability_id VCID-gf19-ebyv-u3b5
summary oniguruma: Out-of-bounds stack read in match_at() during regular expression searching
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9224.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9224.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9224
reference_id
reference_type
scores
0
value 0.00624
scoring_system epss
scoring_elements 0.70217
published_at 2026-05-05T12:55:00Z
1
value 0.00624
scoring_system epss
scoring_elements 0.70236
published_at 2026-04-24T12:55:00Z
2
value 0.00624
scoring_system epss
scoring_elements 0.70244
published_at 2026-04-26T12:55:00Z
3
value 0.00624
scoring_system epss
scoring_elements 0.70243
published_at 2026-04-29T12:55:00Z
4
value 0.00664
scoring_system epss
scoring_elements 0.71142
published_at 2026-04-02T12:55:00Z
5
value 0.00664
scoring_system epss
scoring_elements 0.71135
published_at 2026-04-07T12:55:00Z
6
value 0.00664
scoring_system epss
scoring_elements 0.71177
published_at 2026-04-08T12:55:00Z
7
value 0.00664
scoring_system epss
scoring_elements 0.71189
published_at 2026-04-09T12:55:00Z
8
value 0.00664
scoring_system epss
scoring_elements 0.71212
published_at 2026-04-11T12:55:00Z
9
value 0.00664
scoring_system epss
scoring_elements 0.71198
published_at 2026-04-12T12:55:00Z
10
value 0.00664
scoring_system epss
scoring_elements 0.71181
published_at 2026-04-13T12:55:00Z
11
value 0.00664
scoring_system epss
scoring_elements 0.71227
published_at 2026-04-16T12:55:00Z
12
value 0.00664
scoring_system epss
scoring_elements 0.71234
published_at 2026-04-18T12:55:00Z
13
value 0.00664
scoring_system epss
scoring_elements 0.71211
published_at 2026-04-21T12:55:00Z
14
value 0.00664
scoring_system epss
scoring_elements 0.71132
published_at 2026-04-01T12:55:00Z
15
value 0.00664
scoring_system epss
scoring_elements 0.71159
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9224
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9224
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9224
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:N/A:P
1
value 4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1466730
reference_id 1466730
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1466730
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863312
reference_id 863312
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863312
6
reference_url https://access.redhat.com/errata/RHSA-2018:1296
reference_id RHSA-2018:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1296
7
reference_url https://usn.ubuntu.com/3382-1/
reference_id USN-3382-1
reference_type
scores
url https://usn.ubuntu.com/3382-1/
8
reference_url https://usn.ubuntu.com/3382-2/
reference_id USN-3382-2
reference_type
scores
url https://usn.ubuntu.com/3382-2/
fixed_packages
0
url pkg:deb/debian/libonig@6.1.3-2
purl pkg:deb/debian/libonig@6.1.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vz6-251d-1ye7
1
vulnerability VCID-73xb-21qk-gub3
2
vulnerability VCID-j961-etd4-jfdy
3
vulnerability VCID-jurp-5mrx-13ce
4
vulnerability VCID-khf6-r7w8-c7bm
5
vulnerability VCID-p5gj-xqc9-yqar
6
vulnerability VCID-xzt6-6k5g-byap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.1.3-2
aliases CVE-2017-9224
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gf19-ebyv-u3b5
7
url VCID-j961-etd4-jfdy
vulnerability_id VCID-j961-etd4-jfdy
summary 
Multiple vulnerabilities have been found in Oniguruma, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13224.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13224.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13224
reference_id
reference_type
scores
0
value 0.00537
scoring_system epss
scoring_elements 0.67567
published_at 2026-05-05T12:55:00Z
1
value 0.00537
scoring_system epss
scoring_elements 0.67592
published_at 2026-04-26T12:55:00Z
2
value 0.00537
scoring_system epss
scoring_elements 0.67594
published_at 2026-04-29T12:55:00Z
3
value 0.00548
scoring_system epss
scoring_elements 0.67851
published_at 2026-04-07T12:55:00Z
4
value 0.00548
scoring_system epss
scoring_elements 0.67901
published_at 2026-04-08T12:55:00Z
5
value 0.00548
scoring_system epss
scoring_elements 0.67915
published_at 2026-04-09T12:55:00Z
6
value 0.00548
scoring_system epss
scoring_elements 0.67938
published_at 2026-04-11T12:55:00Z
7
value 0.00548
scoring_system epss
scoring_elements 0.67925
published_at 2026-04-12T12:55:00Z
8
value 0.00548
scoring_system epss
scoring_elements 0.67889
published_at 2026-04-13T12:55:00Z
9
value 0.00548
scoring_system epss
scoring_elements 0.67926
published_at 2026-04-16T12:55:00Z
10
value 0.00548
scoring_system epss
scoring_elements 0.67939
published_at 2026-04-18T12:55:00Z
11
value 0.00548
scoring_system epss
scoring_elements 0.6792
published_at 2026-04-21T12:55:00Z
12
value 0.00548
scoring_system epss
scoring_elements 0.67964
published_at 2026-04-24T12:55:00Z
13
value 0.00548
scoring_system epss
scoring_elements 0.67827
published_at 2026-04-01T12:55:00Z
14
value 0.00548
scoring_system epss
scoring_elements 0.6787
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13224
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1728970
reference_id 1728970
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1728970
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878
reference_id 931878
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931878
14
reference_url https://security.gentoo.org/glsa/201911-03
reference_id GLSA-201911-03
reference_type
scores
url https://security.gentoo.org/glsa/201911-03
15
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
16
reference_url https://access.redhat.com/errata/RHSA-2024:0409
reference_id RHSA-2024:0409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0409
17
reference_url https://access.redhat.com/errata/RHSA-2024:0572
reference_id RHSA-2024:0572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0572
18
reference_url https://access.redhat.com/errata/RHSA-2024:0889
reference_id RHSA-2024:0889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0889
19
reference_url https://usn.ubuntu.com/4088-1/
reference_id USN-4088-1
reference_type
scores
url https://usn.ubuntu.com/4088-1/
fixed_packages
0
url pkg:deb/debian/libonig@6.9.6-1.1
purl pkg:deb/debian/libonig@6.9.6-1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1
aliases CVE-2019-13224
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j961-etd4-jfdy
8
url VCID-jurp-5mrx-13ce
vulnerability_id VCID-jurp-5mrx-13ce
summary oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19204.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19204.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19204
reference_id
reference_type
scores
0
value 0.08946
scoring_system epss
scoring_elements 0.92556
published_at 2026-04-01T12:55:00Z
1
value 0.08946
scoring_system epss
scoring_elements 0.92616
published_at 2026-05-05T12:55:00Z
2
value 0.08946
scoring_system epss
scoring_elements 0.92609
published_at 2026-04-21T12:55:00Z
3
value 0.08946
scoring_system epss
scoring_elements 0.92611
published_at 2026-04-26T12:55:00Z
4
value 0.08946
scoring_system epss
scoring_elements 0.92607
published_at 2026-04-29T12:55:00Z
5
value 0.08946
scoring_system epss
scoring_elements 0.92561
published_at 2026-04-02T12:55:00Z
6
value 0.08946
scoring_system epss
scoring_elements 0.92568
published_at 2026-04-04T12:55:00Z
7
value 0.08946
scoring_system epss
scoring_elements 0.92571
published_at 2026-04-07T12:55:00Z
8
value 0.08946
scoring_system epss
scoring_elements 0.92582
published_at 2026-04-08T12:55:00Z
9
value 0.08946
scoring_system epss
scoring_elements 0.92587
published_at 2026-04-09T12:55:00Z
10
value 0.08946
scoring_system epss
scoring_elements 0.92592
published_at 2026-04-13T12:55:00Z
11
value 0.08946
scoring_system epss
scoring_elements 0.92593
published_at 2026-04-12T12:55:00Z
12
value 0.08946
scoring_system epss
scoring_elements 0.92606
published_at 2026-04-16T12:55:00Z
13
value 0.08946
scoring_system epss
scoring_elements 0.92605
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19204
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19204
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19204
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/kkos/oniguruma/issues/162
reference_id
reference_type
scores
url https://github.com/kkos/oniguruma/issues/162
5
reference_url https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2
reference_id
reference_type
scores
url https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2
6
reference_url https://github.com/ManhNDd/CVE-2019-19204
reference_id
reference_type
scores
url https://github.com/ManhNDd/CVE-2019-19204
7
reference_url https://github.com/tarantula-team/CVE-2019-19204
reference_id
reference_type
scores
url https://github.com/tarantula-team/CVE-2019-19204
8
reference_url https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1802068
reference_id 1802068
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1802068
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945313
reference_id 945313
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945313
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19204
reference_id CVE-2019-19204
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-19204
19
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
20
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
21
reference_url https://access.redhat.com/errata/RHSA-2024:0409
reference_id RHSA-2024:0409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0409
22
reference_url https://access.redhat.com/errata/RHSA-2024:0572
reference_id RHSA-2024:0572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0572
23
reference_url https://access.redhat.com/errata/RHSA-2024:0889
reference_id RHSA-2024:0889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0889
24
reference_url https://usn.ubuntu.com/4460-1/
reference_id USN-4460-1
reference_type
scores
url https://usn.ubuntu.com/4460-1/
25
reference_url https://usn.ubuntu.com/USN-5662-1/
reference_id USN-USN-5662-1
reference_type
scores
url https://usn.ubuntu.com/USN-5662-1/
fixed_packages
0
url pkg:deb/debian/libonig@6.9.6-1.1
purl pkg:deb/debian/libonig@6.9.6-1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1
aliases CVE-2019-19204
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jurp-5mrx-13ce
9
url VCID-khf6-r7w8-c7bm
vulnerability_id VCID-khf6-r7w8-c7bm
summary oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19203.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19203.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19203
reference_id
reference_type
scores
0
value 0.00733
scoring_system epss
scoring_elements 0.72664
published_at 2026-04-01T12:55:00Z
1
value 0.00733
scoring_system epss
scoring_elements 0.72808
published_at 2026-04-29T12:55:00Z
2
value 0.00733
scoring_system epss
scoring_elements 0.72761
published_at 2026-04-21T12:55:00Z
3
value 0.00733
scoring_system epss
scoring_elements 0.72803
published_at 2026-05-05T12:55:00Z
4
value 0.00733
scoring_system epss
scoring_elements 0.72812
published_at 2026-04-26T12:55:00Z
5
value 0.00733
scoring_system epss
scoring_elements 0.72672
published_at 2026-04-02T12:55:00Z
6
value 0.00733
scoring_system epss
scoring_elements 0.7269
published_at 2026-04-04T12:55:00Z
7
value 0.00733
scoring_system epss
scoring_elements 0.72668
published_at 2026-04-07T12:55:00Z
8
value 0.00733
scoring_system epss
scoring_elements 0.72707
published_at 2026-04-08T12:55:00Z
9
value 0.00733
scoring_system epss
scoring_elements 0.7272
published_at 2026-04-09T12:55:00Z
10
value 0.00733
scoring_system epss
scoring_elements 0.72744
published_at 2026-04-11T12:55:00Z
11
value 0.00733
scoring_system epss
scoring_elements 0.72727
published_at 2026-04-12T12:55:00Z
12
value 0.00733
scoring_system epss
scoring_elements 0.72717
published_at 2026-04-13T12:55:00Z
13
value 0.00733
scoring_system epss
scoring_elements 0.72759
published_at 2026-04-16T12:55:00Z
14
value 0.00733
scoring_system epss
scoring_elements 0.7277
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19203
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19203
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19203
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/kkos/oniguruma/issues/163
reference_id
reference_type
scores
url https://github.com/kkos/oniguruma/issues/163
5
reference_url https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2
reference_id
reference_type
scores
url https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2
6
reference_url https://github.com/ManhNDd/CVE-2019-19203
reference_id
reference_type
scores
url https://github.com/ManhNDd/CVE-2019-19203
7
reference_url https://github.com/tarantula-team/CVE-2019-19203
reference_id
reference_type
scores
url https://github.com/tarantula-team/CVE-2019-19203
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1802061
reference_id 1802061
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1802061
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945312
reference_id 945312
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945312
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19203
reference_id CVE-2019-19203
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-19203
17
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
18
reference_url https://access.redhat.com/errata/RHSA-2020:5275
reference_id RHSA-2020:5275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5275
19
reference_url https://access.redhat.com/errata/RHSA-2024:0409
reference_id RHSA-2024:0409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0409
20
reference_url https://access.redhat.com/errata/RHSA-2024:0572
reference_id RHSA-2024:0572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0572
21
reference_url https://access.redhat.com/errata/RHSA-2024:0889
reference_id RHSA-2024:0889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0889
22
reference_url https://usn.ubuntu.com/USN-5662-1/
reference_id USN-USN-5662-1
reference_type
scores
url https://usn.ubuntu.com/USN-5662-1/
fixed_packages
0
url pkg:deb/debian/libonig@6.9.6-1.1
purl pkg:deb/debian/libonig@6.9.6-1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1
aliases CVE-2019-19203
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khf6-r7w8-c7bm
10
url VCID-p5gj-xqc9-yqar
vulnerability_id VCID-p5gj-xqc9-yqar
summary oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16163.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16163.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-16163
reference_id
reference_type
scores
0
value 0.00085
scoring_system epss
scoring_elements 0.24648
published_at 2026-04-01T12:55:00Z
1
value 0.00085
scoring_system epss
scoring_elements 0.24314
published_at 2026-05-05T12:55:00Z
2
value 0.00085
scoring_system epss
scoring_elements 0.24496
published_at 2026-04-24T12:55:00Z
3
value 0.00085
scoring_system epss
scoring_elements 0.24483
published_at 2026-04-26T12:55:00Z
4
value 0.00085
scoring_system epss
scoring_elements 0.24442
published_at 2026-04-29T12:55:00Z
5
value 0.00085
scoring_system epss
scoring_elements 0.24724
published_at 2026-04-02T12:55:00Z
6
value 0.00085
scoring_system epss
scoring_elements 0.24763
published_at 2026-04-04T12:55:00Z
7
value 0.00085
scoring_system epss
scoring_elements 0.24536
published_at 2026-04-07T12:55:00Z
8
value 0.00085
scoring_system epss
scoring_elements 0.24607
published_at 2026-04-08T12:55:00Z
9
value 0.00085
scoring_system epss
scoring_elements 0.24655
published_at 2026-04-09T12:55:00Z
10
value 0.00085
scoring_system epss
scoring_elements 0.24671
published_at 2026-04-11T12:55:00Z
11
value 0.00085
scoring_system epss
scoring_elements 0.2463
published_at 2026-04-12T12:55:00Z
12
value 0.00085
scoring_system epss
scoring_elements 0.24573
published_at 2026-04-13T12:55:00Z
13
value 0.00085
scoring_system epss
scoring_elements 0.24586
published_at 2026-04-16T12:55:00Z
14
value 0.00085
scoring_system epss
scoring_elements 0.24576
published_at 2026-04-18T12:55:00Z
15
value 0.00085
scoring_system epss
scoring_elements 0.24552
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-16163
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16163
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/kkos/oniguruma/commit/4097828d7cc87589864fecf452f2cd46c5f37180
reference_id
reference_type
scores
url https://github.com/kkos/oniguruma/commit/4097828d7cc87589864fecf452f2cd46c5f37180
5
reference_url https://github.com/kkos/oniguruma/compare/v6.9.2...v6.9.3
reference_id
reference_type
scores
url https://github.com/kkos/oniguruma/compare/v6.9.2...v6.9.3
6
reference_url https://github.com/kkos/oniguruma/issues/147
reference_id
reference_type
scores
url https://github.com/kkos/oniguruma/issues/147
7
reference_url https://lists.debian.org/debian-lts-announce/2019/09/msg00010.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/09/msg00010.html
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWOWZZNFSAWM3BUTQNAE3PD44A6JU4KE/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWOWZZNFSAWM3BUTQNAE3PD44A6JU4KE/
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW47MSFZ6WYOAOFXHBDGU4LYACFRKC2Y/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZW47MSFZ6WYOAOFXHBDGU4LYACFRKC2Y/
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1768997
reference_id 1768997
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1768997
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939988
reference_id 939988
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939988
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-16163
reference_id CVE-2019-16163
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-16163
18
reference_url https://access.redhat.com/errata/RHSA-2020:3662
reference_id RHSA-2020:3662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3662
19
reference_url https://access.redhat.com/errata/RHSA-2024:0409
reference_id RHSA-2024:0409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0409
20
reference_url https://access.redhat.com/errata/RHSA-2024:0572
reference_id RHSA-2024:0572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0572
21
reference_url https://access.redhat.com/errata/RHSA-2024:0889
reference_id RHSA-2024:0889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0889
22
reference_url https://usn.ubuntu.com/4460-1/
reference_id USN-4460-1
reference_type
scores
url https://usn.ubuntu.com/4460-1/
23
reference_url https://usn.ubuntu.com/USN-5662-1/
reference_id USN-USN-5662-1
reference_type
scores
url https://usn.ubuntu.com/USN-5662-1/
fixed_packages
0
url pkg:deb/debian/libonig@6.9.6-1.1
purl pkg:deb/debian/libonig@6.9.6-1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1
aliases CVE-2019-16163
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p5gj-xqc9-yqar
11
url VCID-s75c-hjr2-uubw
vulnerability_id VCID-s75c-hjr2-uubw
summary oniguruma: Heap buffer overflow in next_state_val() during regular expression compilation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9226.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9226.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9226
reference_id
reference_type
scores
0
value 0.01036
scoring_system epss
scoring_elements 0.77327
published_at 2026-04-01T12:55:00Z
1
value 0.01036
scoring_system epss
scoring_elements 0.77477
published_at 2026-05-05T12:55:00Z
2
value 0.01036
scoring_system epss
scoring_elements 0.77458
published_at 2026-04-26T12:55:00Z
3
value 0.01036
scoring_system epss
scoring_elements 0.7747
published_at 2026-04-29T12:55:00Z
4
value 0.01036
scoring_system epss
scoring_elements 0.77334
published_at 2026-04-02T12:55:00Z
5
value 0.01036
scoring_system epss
scoring_elements 0.77362
published_at 2026-04-04T12:55:00Z
6
value 0.01036
scoring_system epss
scoring_elements 0.77343
published_at 2026-04-07T12:55:00Z
7
value 0.01036
scoring_system epss
scoring_elements 0.77373
published_at 2026-04-08T12:55:00Z
8
value 0.01036
scoring_system epss
scoring_elements 0.77382
published_at 2026-04-09T12:55:00Z
9
value 0.01036
scoring_system epss
scoring_elements 0.77409
published_at 2026-04-11T12:55:00Z
10
value 0.01036
scoring_system epss
scoring_elements 0.77389
published_at 2026-04-12T12:55:00Z
11
value 0.01036
scoring_system epss
scoring_elements 0.77385
published_at 2026-04-13T12:55:00Z
12
value 0.01036
scoring_system epss
scoring_elements 0.77426
published_at 2026-04-16T12:55:00Z
13
value 0.01036
scoring_system epss
scoring_elements 0.77425
published_at 2026-04-18T12:55:00Z
14
value 0.01036
scoring_system epss
scoring_elements 0.77416
published_at 2026-04-21T12:55:00Z
15
value 0.01036
scoring_system epss
scoring_elements 0.77451
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9226
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9226
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:P
1
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1466736
reference_id 1466736
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1466736
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863314
reference_id 863314
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863314
6
reference_url https://access.redhat.com/errata/RHSA-2018:1296
reference_id RHSA-2018:1296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1296
7
reference_url https://usn.ubuntu.com/3382-1/
reference_id USN-3382-1
reference_type
scores
url https://usn.ubuntu.com/3382-1/
8
reference_url https://usn.ubuntu.com/3382-2/
reference_id USN-3382-2
reference_type
scores
url https://usn.ubuntu.com/3382-2/
fixed_packages
0
url pkg:deb/debian/libonig@6.1.3-2
purl pkg:deb/debian/libonig@6.1.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1vz6-251d-1ye7
1
vulnerability VCID-73xb-21qk-gub3
2
vulnerability VCID-j961-etd4-jfdy
3
vulnerability VCID-jurp-5mrx-13ce
4
vulnerability VCID-khf6-r7w8-c7bm
5
vulnerability VCID-p5gj-xqc9-yqar
6
vulnerability VCID-xzt6-6k5g-byap
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.1.3-2
aliases CVE-2017-9226
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s75c-hjr2-uubw
12
url VCID-xzt6-6k5g-byap
vulnerability_id VCID-xzt6-6k5g-byap
summary oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19012.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19012.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19012
reference_id
reference_type
scores
0
value 0.14783
scoring_system epss
scoring_elements 0.94467
published_at 2026-04-01T12:55:00Z
1
value 0.14783
scoring_system epss
scoring_elements 0.9453
published_at 2026-05-05T12:55:00Z
2
value 0.14783
scoring_system epss
scoring_elements 0.94526
published_at 2026-04-24T12:55:00Z
3
value 0.14783
scoring_system epss
scoring_elements 0.94524
published_at 2026-04-26T12:55:00Z
4
value 0.14783
scoring_system epss
scoring_elements 0.94474
published_at 2026-04-02T12:55:00Z
5
value 0.14783
scoring_system epss
scoring_elements 0.94481
published_at 2026-04-04T12:55:00Z
6
value 0.14783
scoring_system epss
scoring_elements 0.94483
published_at 2026-04-07T12:55:00Z
7
value 0.14783
scoring_system epss
scoring_elements 0.94493
published_at 2026-04-08T12:55:00Z
8
value 0.14783
scoring_system epss
scoring_elements 0.94497
published_at 2026-04-09T12:55:00Z
9
value 0.14783
scoring_system epss
scoring_elements 0.945
published_at 2026-04-11T12:55:00Z
10
value 0.14783
scoring_system epss
scoring_elements 0.94502
published_at 2026-04-13T12:55:00Z
11
value 0.14783
scoring_system epss
scoring_elements 0.94516
published_at 2026-04-16T12:55:00Z
12
value 0.14783
scoring_system epss
scoring_elements 0.94521
published_at 2026-04-18T12:55:00Z
13
value 0.14783
scoring_system epss
scoring_elements 0.94525
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19012
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19012
3
reference_url https://github.com/kkos/oniguruma/issues/164
reference_id
reference_type
scores
url https://github.com/kkos/oniguruma/issues/164
4
reference_url https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2
reference_id
reference_type
scores
url https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2
5
reference_url https://github.com/tarantula-team/CVE-2019-19012
reference_id
reference_type
scores
url https://github.com/tarantula-team/CVE-2019-19012
6
reference_url https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/12/msg00002.html
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NO267PLHGYZSWX3XTRPKYBKD4J3YOU5V/
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3MBNW6Z4DOXSCNWGBLQ7OA3OGUJ44WL/
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1802051
reference_id 1802051
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1802051
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944959
reference_id 944959
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944959
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oniguruma_project:oniguruma:6.9.4:rc1:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19012
reference_id CVE-2019-19012
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-19012
18
reference_url https://access.redhat.com/errata/RHSA-2024:0409
reference_id RHSA-2024:0409
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0409
19
reference_url https://access.redhat.com/errata/RHSA-2024:0572
reference_id RHSA-2024:0572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0572
20
reference_url https://access.redhat.com/errata/RHSA-2024:0889
reference_id RHSA-2024:0889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0889
21
reference_url https://access.redhat.com/errata/RHSA-2025:7539
reference_id RHSA-2025:7539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7539
22
reference_url https://usn.ubuntu.com/4460-1/
reference_id USN-4460-1
reference_type
scores
url https://usn.ubuntu.com/4460-1/
23
reference_url https://usn.ubuntu.com/USN-5662-1/
reference_id USN-USN-5662-1
reference_type
scores
url https://usn.ubuntu.com/USN-5662-1/
fixed_packages
0
url pkg:deb/debian/libonig@6.9.6-1.1
purl pkg:deb/debian/libonig@6.9.6-1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@6.9.6-1.1
aliases CVE-2019-19012
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xzt6-6k5g-byap
Fixing_vulnerabilities
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libonig@5.2.0-1