{"url":"http://public2.vulnerablecode.io/api/packages/1053810?format=json","purl":"pkg:deb/debian/libtasn1-6@4.16.0-2%2Bdeb11u1","type":"deb","namespace":"debian","name":"libtasn1-6","version":"4.16.0-2+deb11u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.21.0-2","latest_non_vulnerable_version":"4.21.0-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65191?format=json","vulnerability_id":"VCID-3gx3-2gs5-2yab","summary":"libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13151.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13151.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13151","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19538","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19056","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19305","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19318","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19218","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19206","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19163","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19586","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19307","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19385","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19436","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19441","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19393","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19336","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19298","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13151"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13151","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13151"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125063","reference_id":"1125063","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125063"},{"reference_url":"https://gitlab.com/gnutls/libtasn1/-/merge_requests/121","reference_id":"121","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-07T21:32:59Z/"}],"url":"https://gitlab.com/gnutls/libtasn1/-/merge_requests/121"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427698","reference_id":"2427698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2427698"},{"reference_url":"https://gitlab.com/gnutls/libtasn1","reference_id":"libtasn1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-07T21:32:59Z/"}],"url":"https://gitlab.com/gnutls/libtasn1"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7500","reference_id":"RHSA-2026:7500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7500"},{"reference_url":"https://usn.ubuntu.com/7954-1/","reference_id":"USN-7954-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7954-1/"},{"reference_url":"https://usn.ubuntu.com/7954-2/","reference_id":"USN-7954-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7954-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1056647?format=json","purl":"pkg:deb/debian/libtasn1-6@4.21.0-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libtasn1-6@4.21.0-2"}],"aliases":["CVE-2025-13151"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3gx3-2gs5-2yab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71898?format=json","vulnerability_id":"VCID-7jv7-xesq-cuht","summary":"libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12133.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12133.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12133","reference_id":"","reference_type":"","scores":[{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64837","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64761","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.6479","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64753","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64802","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64817","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64834","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64823","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64794","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64832","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64843","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65512","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65539","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.65541","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00488","scoring_system":"epss","scoring_elements":"0.6553","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12133","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12133"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095406","reference_id":"1095406","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095406"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2344611","reference_id":"2344611","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:41Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2344611"},{"reference_url":"https://gitlab.com/gnutls/libtasn1/-/issues/52","reference_id":"52","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:41Z/"}],"url":"https://gitlab.com/gnutls/libtasn1/-/issues/52"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9","reference_id":"cpe:/a:redhat:discovery:1.14::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-12133","reference_id":"CVE-2024-12133","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:41Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-12133"},{"reference_url":"https://gitlab.com/gnutls/libtasn1/-/blob/master/doc/security/CVE-2024-12133.md","reference_id":"CVE-2024-12133.md","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:41Z/"}],"url":"https://gitlab.com/gnutls/libtasn1/-/blob/master/doc/security/CVE-2024-12133.md"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17347","reference_id":"RHSA-2025:17347","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:17347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4049","reference_id":"RHSA-2025:4049","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:4049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7077","reference_id":"RHSA-2025:7077","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8021","reference_id":"RHSA-2025:8021","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8385","reference_id":"RHSA-2025:8385","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:25:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8385"},{"reference_url":"https://usn.ubuntu.com/7275-1/","reference_id":"USN-7275-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7275-1/"},{"reference_url":"https://usn.ubuntu.com/7275-2/","reference_id":"USN-7275-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7275-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1053811?format=json","purl":"pkg:deb/debian/libtasn1-6@4.19.0-2%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-2gs5-2yab"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libtasn1-6@4.19.0-2%252Bdeb12u1"}],"aliases":["CVE-2024-12133"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7jv7-xesq-cuht"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83219?format=json","vulnerability_id":"VCID-7yd7-bx5w-cqcp","summary":"libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000654.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000654.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000654","reference_id":"","reference_type":"","scores":[{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31654","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31786","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.3183","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31649","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31701","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.3173","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31734","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31694","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31658","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31691","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31669","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31637","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.3146","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31333","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31252","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.311","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1621972","reference_id":"1621972","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1621972"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906768","reference_id":"906768","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906768"},{"reference_url":"https://usn.ubuntu.com/5352-1/","reference_id":"USN-5352-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5352-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1053810?format=json","purl":"pkg:deb/debian/libtasn1-6@4.16.0-2%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-2gs5-2yab"},{"vulnerability":"VCID-7jv7-xesq-cuht"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libtasn1-6@4.16.0-2%252Bdeb11u1"}],"aliases":["CVE-2018-1000654"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7yd7-bx5w-cqcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78904?format=json","vulnerability_id":"VCID-zw9h-2unc-1fg2","summary":"libtasn1: Out-of-bound access in ETYPE_OK","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46848.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46848.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46848","reference_id":"","reference_type":"","scores":[{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55434","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58773","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58752","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.63091","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.63177","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.6316","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.63143","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.65983","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66013","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66032","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66018","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67191","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.6717","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70296","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70324","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70322","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46848"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46848"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140058","reference_id":"2140058","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140058"},{"reference_url":"https://gitlab.com/gnutls/libtasn1/-/issues/32","reference_id":"32","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:30:56Z/"}],"url":"https://gitlab.com/gnutls/libtasn1/-/issues/32"},{"reference_url":"https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5","reference_id":"44a700d2051a666235748970c2df047ff207aeb5","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:30:56Z/"}],"url":"https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5"},{"reference_url":"https://bugs.gentoo.org/866237","reference_id":"866237","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:30:56Z/"}],"url":"https://bugs.gentoo.org/866237"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/","reference_id":"AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:30:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV4SHDJF2XLB4CUPTBPQQ6CLGZ5LKXPZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/","reference_id":"ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:30:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECM2ELTVRYV4BZ5L5GMIRQE27RFHPAQ6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:30:56Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221118-0006/","reference_id":"ntap-20221118-0006","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:30:56Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221118-0006/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/","reference_id":"OGO7XST4EIJGX4B2ITZCYSWM24534BSU","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:30:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGO7XST4EIJGX4B2ITZCYSWM24534BSU/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0116","reference_id":"RHSA-2023:0116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0343","reference_id":"RHSA-2023:0343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0427","reference_id":"RHSA-2024:0427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0427"},{"reference_url":"https://usn.ubuntu.com/5707-1/","reference_id":"USN-5707-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5707-1/"},{"reference_url":"https://usn.ubuntu.com/7954-1/","reference_id":"USN-7954-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7954-1/"},{"reference_url":"https://usn.ubuntu.com/7954-2/","reference_id":"USN-7954-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7954-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/","reference_id":"V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:30:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V5LWOGF7QRMNFRUCZY6TDYQJVFI6MOQ2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1053810?format=json","purl":"pkg:deb/debian/libtasn1-6@4.16.0-2%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-2gs5-2yab"},{"vulnerability":"VCID-7jv7-xesq-cuht"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libtasn1-6@4.16.0-2%252Bdeb11u1"}],"aliases":["CVE-2021-46848"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zw9h-2unc-1fg2"}],"risk_score":"2.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libtasn1-6@4.16.0-2%252Bdeb11u1"}